Techniquecredential-accessATLAS

AML.T0098AI Agent Tool Credential Harvesting

What it is

Adversaries may attempt to use their access to an AI agent on the victim's system to retrieve data from available agent tools to collect credentials. Agent tools may connect to a wide range of sources that may contain credentials including document stores (e.g. SharePoint, OneDrive or Google Drive), code repositories (e.g. GitHub or GitLab), or enterprise productivity tools (e.g. as email providers or Slack), and local notetaking tools (e.g. Obsidian or Apple Notes).

References

  1. https://atlas.mitre.org/techniques/AML.T0098

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

ATLAS
RAG Credential Harvesting
ATLAS
AI Agent Tool Data Poisoning
ATLAS
Exfiltration via AI Agent Tool Invocation
ATLAS
Credentials from AI Agent Configuration
ATLAS
OS Credential Dumping
ATLAS
AI Agent Tool Invocation
Sourced from MITRE ATLAS — Adversarial Threat Landscape for AI Systems. Curated by Adam Lundqvist, SQUR.