T1030Techniqueexfiltrationagent-callable

T1030Data Transfer Size Limits

Platforms: Linux · macOS · Windows

ATT&CK version: 14.1

What it is

An adversary may exfiltrate data in fixed size chunks instead of whole files or limit packet sizes below certain thresholds. This approach may be used to avoid triggering network data transfer threshold alerts.

ATT&CK tactics· 1

Exfiltration

References

  1. https://attack.mitre.org/techniques/T1030
  2. https://arxiv.org/ftp/arxiv/papers/1408/1408.1136.pdf
Sourced from MITRE ATT&CK Enterprise v14.1. Curated and contextualized for EU compliance use cases by Adam Lundqvist, Founder at SQUR.