Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
View in MITRE ATT&CK®Technique ID | Technique Name | Number of Mappings |
---|---|---|
T1573.002 | Asymmetric Cryptography | 13 |
T1573.001 | Symmetric Cryptography | 13 |