ATT&CK 기법 · Exfiltration

Exfiltration Over Alternative Protocol T1048

이 기법을 다룬 REVELARE 한국어 위협 분석 2편 · Exfiltration

이 기법을 다룬 분석

UAT-8302: OneDrive를 C2로 위장한 중국 APT, 3개 권역 정부 침투

CryptoBandits 클리퍼: USB 웜·Tor C2로 지갑 주소를 바꾸는 6단계

MITRE 공식 정의

Adversaries may steal data by exfiltrating it over a different protocol than that of the existing command and control channel. The data may also be sent to an alternate network location from the main command and control server. Alternate protocols include FTP, SMTP, HTTP/S, DNS, SMB, or any other network protocol not being used as the main command and control channel. Adversaries may also opt to encrypt and/or obfuscate these alternate channels. [Exfiltration Over Altern…

attack.mitre.org ↗ATT&CK 매트릭스

플랫폼: ESXi, IaaS, Linux, macOS, Network Devices, Office Suite, SaaS, Windows