ATT&CK Technique · Stealth
Rootkit T1014
1 REVELARE Korean-language threat analysis covering this technique · Stealth
Analyses covering this technique
Official MITRE definition
Adversaries may use rootkits to hide the presence of programs, files, network connections, services, drivers, and other system components. Rootkits are programs that hide the existence of malware by intercepting/hooking and modifying operating system API calls that supply system information. (Citation: Symantec Windows Rootkits) Rootkits or rootkit enabling functionality may reside at the user or kernel level in the operating system or lower, to include a hypervisor or [Sys…
Platforms: Linux, macOS, Windows