| ID | E1020 |
| Objective(s) | Exfiltration |
| Related ATT&CK Techniques | Automated Exfiltration (T1020) |
| Version | 2.1 |
| Created | 1 August 2019 |
| Last Modified | 18 December 2023 |
Malware may automatically transfer, or exfiltrate, collected data from a compromised system to a remote location controlled by the attacker through automated processes or scripting. This is often done to minimize the attacker's manual interaction with the system and to maintain a low profile, thereby reducing the chances of detection.
See ATT&CK Technique: Automated Exfiltration (T1020).
| Name | ID | Description |
|---|---|---|
| Exfiltrate via File Hosting Service | E1020.m01 | Malware may exfiltrate files to a file hosting location. |
| Name | Date | Method | Description |
|---|---|---|---|
| Attor | 2013 | -- | Attor has a file uploader plugin that automatically exfiltrates collected data and log files to a C2 server.[1] |
[1] https://www.welivesecurity.com/wp-content/uploads/2019/10/ESET_Attor.pdf