T1011.001 - Exfiltration Over Bluetooth
Sub-technique
Tactics:
Exfiltration
Exfiltration
Platforms:
Linux macOS Windows
Linux macOS Windows
Detection:
Not specified
Not specified
Description:
Adversaries may attempt to exfiltrate data over Bluetooth rather than the command and control channel. If the command and control network is a wired Internet connection, an adversary may opt to exfiltrate data using a Bluetooth communication channel.
Adversaries may choose to do this if they have sufficient access and proximity. Bluetooth connections might not be secured or defended as well as the primary Internet-connected channel because it is not routed through the same enterprise network.
Adversaries may choose to do this if they have sufficient access and proximity. Bluetooth connections might not be secured or defended as well as the primary Internet-connected channel because it is not routed through the same enterprise network.
Malware (1)
Metadata
| MITRE ID: | T1011.001 |
| STIX ID: | attack-pattern--613d08bc-e8f4-... |
| Platforms: | Linux, macOS, Windows |
| Created: | 13/01/2026 17:48 |
| Updated: | 06/03/2026 16:00 |