Archive Collected Data (T1560)

An adversary may compress and/or encrypt data that is collected prior to exfiltration. Compressing the data can help to obfuscate the collected data and minimize the amount of data sent over the network. Encryption can be used to hide information that is being exfiltrated from detection or make exfiltration less conspicuous upon inspection by a defender. Both compression and encryption are done prior to exfiltration, and can be performed using a utility, 3rd party library, or custom method.

Source: https://github.com/mitre/cti

Related Prelude attack chains

Release Date (Newest)

Filter

Search for chains, TTPs, themes, and text

Browse By:

Platforms

All
Windows
Darwin
Linux
Global
Android

Themes

Licenses

APT40 Find and Exfiltrate

2022-05-10

Find and exfiltrate files that potentially contain cleartext usernames or passwords based on filename.

ExBox

2022-03-29

Emulating RNC hack in 2021

File Hunter

2021-08-10

Automatically discover and prepare files for exfiltration.

About PreludePrelude hardens an organization's defenses by continuously “asking” it questions through the form of safe cyberattacks. These attacks respond immediately to the latest vulnerabilities and cyber events, turning complex technical descriptions into deployable “questions”.Our mission is to increase the reach, frequency and usage of advanced security for all organizations.

Follow @preludeorg on Twitter for new chains and more.

Join the Prelude Discord to discuss chains and more.

Keep up to date with code changes and community activity on Github

preludesecurity.com Careers Tactics & Techniques Attack themes

Privacy Policy support@preludesecurity.com© 2023 Prelude Research, Inc.All rights reserved. Prelude, its logo and other trademarks are trademarks of Prelude Research, Inc. and may not be used without permission.

Archive Collected Data (T1560)

Browse By:

Platforms

All

Windows

Darwin

Linux

Global

Android

Themes

Tags

Licenses