Abuse Trusted Sites

Type: technique

Description: The adversary exfiltrates sensitive data by embedding it in resources loaded from attacker-controlled endpoints hosted on trusted domains. This bypasses security controls like Content Security Policies and evades detection by leveraging implicit trust in known sites.

Version: 0.1.0

Created At: 2025-10-01 13:13:22 -0400

Last Modified At: 2025-10-01 13:13:22 -0400

External References

Hacking Google Bard - From Prompt Injection to Data Exfiltration, Embrace the Red

--> Defense Evasion (tactic): An adversary can bypass Content Security Policy controls and evade detection by abusing trusted sites.
--> Exfiltration (tactic): An adversary can exfiltrate data by hosting attacker-controlled endpoints on trusted domains.
--> Johann Rehberger (entity): Demonstrated by
<-- EchoLeak: Zero-Click Data Exfiltration using M365 Copilot (procedure): The attacker exfiltrates data through a malicious, yet trusted, teams.microsoft.com endpoint
<-- AI ClickFix: Hijacking Computer-Use Agents Using ClickFix (procedure): An attacker can plant malicious click baits on compromised, yet trusted websites.

AI Agents Attack Matrix

Abuse Trusted Sites

External References

Related Objects

Related Frameworks