T1521 Encrypted Channel
Adversaries may explicitly employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if necessary secret keys are encoded and/or generated within malware samples/configuration files.
| Item | Value |
| --- | --- |
| ID | T1521 |
| Sub-techniques | T1521.001, T1521.002 |
| Tactics | TA0037 |
| Platforms | Android, iOS |
| Version | 2.0 |
| Created | 01 October 2019 |
| Last Modified | 05 April 2022 |