
CAPEC-568: Capture Credentials via Keylogger

Abstraction: Detailed
Status: Draft
Severity: High

Description

An adversary deploys a keylogger in an effort to obtain credentials directly from a system's user. After capturing all the keystrokes made by a user, the adversary can analyze the data and determine which strings are likely to be passwords or other credential-related information.

MITRE ATT&CK crosswalk (1)

T1056.001: Input Capture: Keylogging

Related attack patterns (6)

CAPEC-569 (ChildOf)
CAPEC-600 (CanPrecede)
CAPEC-151 (CanPrecede)
CAPEC-560 (CanPrecede)
CAPEC-561 (CanPrecede)
CAPEC-653 (CanPrecede)

Related to (1)

Type | Target | Confidence | Tier
SubTechnique | Keylogging (t1056.001) | 100% | live

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC: Collect Data as Provided by Users
CAPEC: Collect Data from Screen Capture
CAPEC: Use of Known Kerberos Credentials
CAPEC: Use of Known Operating System Credentials
CAPEC: Collect Data from Clipboard
CAPEC: Use of Known Domain Credentials
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.