T1001.002SubTechniquecommand-and-controlagent-callable

T1001.002Steganography

Sub-technique of T1001

Platforms: Linux · macOS · Windows

ATT&CK version: 14.1

What it is

Adversaries may use steganographic techniques to hide command and control traffic to make detection efforts more difficult. Steganographic techniques can be used to hide data in digital messages that are transferred between systems. This hidden information can be used for command and control of compromised systems. In some cases, the passing of files embedded using steganography, such as image or document files, can be used for command and control.

ATT&CK tactics· 1

Command And Control

References

  1. https://attack.mitre.org/techniques/T1001/002
  2. https://arxiv.org/ftp/arxiv/papers/1408/1408.1136.pdf
Sourced from MITRE ATT&CK Enterprise v14.1. Curated and contextualized for EU compliance use cases by Adam Lundqvist, Founder at SQUR.