ftp
Techniques Used |
||||
Domain | ID | Name | Use | |
---|---|---|---|---|
Enterprise | T1048 | .003 | Exfiltration Over Alternative Protocol: Exfiltration Over Unencrypted Non-C2 Protocol |
ftp may be used to exfiltrate data separate from the main command and control protocol.(Citation: Microsoft FTP)(Citation: Linux FTP) |
Groups That Use This Software |
||
ID | Name | References |
---|---|---|
G0019 | Naikon |
(Citation: Baumgartner Naikon 2015) |
G0087 | APT39 |
(Citation: FBI FLASH APT39 September 2020) |
(Citation: CISA Iran Albanian Attacks September 2022) |
||
G0096 | APT41 |
(Citation: FireEye APT41 March 2020) |
G0064 | APT33 |
(Citation: Symantec Elfin Mar 2019) |
G0049 | OilRig |
(Citation: Palo Alto OilRig Oct 2016) |
References
- Wikipedia. (2016, June 15). File Transfer Protocol. Retrieved July 20, 2016.
- Microsoft. (2021, July 21). ftp. Retrieved February 25, 2022.
- N/A. (n.d.). ftp(1) - Linux man page. Retrieved February 25, 2022.
- Baumgartner, K., Golovkin, M.. (2015, May). The MsnMM Campaigns: The Earliest Naikon APT Campaigns. Retrieved April 10, 2019.
- FBI. (2020, September 17). Indicators of Compromise Associated with Rana Intelligence Computing, also known as Advanced Persistent Threat 39, Chafer, Cadelspy, Remexi, and ITG07. Retrieved December 10, 2020.
- CISA. (2022, September 23). AA22-264A Iranian State Actors Conduct Cyber Operations Against the Government of Albania. Retrieved August 6, 2024.
- Glyer, C, et al. (2020, March). This Is Not a Test: APT41 Initiates Global Intrusion Campaign Using Multiple Exploits. Retrieved April 28, 2020.
- Security Response attack Investigation Team. (2019, March 27). Elfin: Relentless Espionage Group Targets Multiple Organizations in Saudi Arabia and U.S.. Retrieved April 10, 2019.
- Grunzweig, J. and Falcone, R.. (2016, October 4). OilRig Malware Campaign Updates Toolset and Expands Targets. Retrieved May 3, 2017.
Мы используем cookie-файлы, чтобы получить статистику, которая помогает нам улучшить сервис для вас с целью персонализации сервисов и предложений. Вы может прочитать подробнее о cookie-файлах или изменить настройки браузера. Продолжая пользоваться сайтом, вы даёте согласие на использование ваших cookie-файлов и соглашаетесь с Политикой обработки персональных данных.