{
  "website": "drive.google.com",
  "tags": [
    "Phishing",
    "Download",
    "Exfiltration"
  ],
  "service_provider": "Google",
  "phishing": "Attackers have hosted malware on drive.google.com and utilized the sharing capabilities and phish users to download it.",
  "command_and_control": "Attackers have used drive.google.com for C&C by retrieving files with commands to be executed. An example of  a malware that uses drive.google.com as C&C is SysJoker.",
  "exfiltration": "drive.google.com can be used to store exfiltrated files on there. GC2 is an open-source tool that utilizes drive.google.com for exfiltration.",
  "download": "drive.google.com creates shared links for files which enables attackers to download additional tools.",
  "sample_url": "https://www.joesandbox.com/analysis/486513/0/html",
  "created": "2021-11-10",
  "last_update": "2021-11-10",
  "credits": "mr.d0x",
  "detail_path": "/site/64726976652e676f6f676c652e636f6d",
  "detail_slug": "64726976652e676f6f676c652e636f6d",
  "detail_url": "https://lots-project.com/site/64726976652e676f6f676c652e636f6d",
  "scraped_at": "2026-06-16T11:57:37Z"
}