View on MITRE ATT&CK

T1583.006 - Web Services

Sub-technique
Tattiche:
Resource Development
Piattaforme:
PRE
Rilevamento:
Not specified
Description:
Adversaries may register for web services that can be used during targeting. A variety of popular websites exist for adversaries to register for a web-based service that can be abused during later stages of the adversary lifecycle, such as during Command and Control ([Web Service](https://attack.mitre.org/techniques/T1102)), [Exfiltration Over Web Service](https://attack.mitre.org/techniques/T1567), or [Phishing](https://attack.mitre.org/techniques/T1566). Using common services, such as those offered by Google, GitHub, or Twitter, makes it easier for adversaries to hide in expected noise.(Citation: FireEye APT29)(Citation: Hacker News GitHub Abuse 2024) By utilizing a web service, adversaries can make it difficult to physically tie back operations to them.
Usato da Attori (20)
APT17
Nation-state
APT28
Nation-state
APT29
Nation-state
Turla
Nation-state
FIN7
Criminal
Lazarus Group
Nation-state
Gamaredon Group
Unknown
APT32
Nation-state
Kimsuky
Nation-state
MuddyWater
Nation-state
MUSTANG PANDA
Nation-state
HAFNIUM
Unknown
TA2541
Unknown
TA578
Unknown
POLONIUM
Nation-state
Earth Lusca
Unknown
IndigoZebra
Unknown
Medusa Group
Unknown
Magic Hound
Unknown
Saint Bear
Unknown
Metadata
MITRE ID: T1583.006
STIX ID: attack-pattern--88d31120-5bc7-...
Piattaforme: PRE
Created: 13/01/2026 17:48
Updated: 06/03/2026 16:00