T1030 - Data Transfer Size Limits - MITRE ATT&CK

T1030 - Data Transfer Size Limits

Tactics:
Exfiltration

Platforms:
Linux macOS Windows ESXi

Detection:
Not specified

Description:

An adversary may exfiltrate data in fixed size chunks instead of whole files or limit packet sizes below certain thresholds. This approach may be used to avoid triggering network data transfer threshold alerts.

Used by Actors (5)

APT28
Nation-state

APT41
Nation-state

LuminousMoth
Unknown

Play
Unknown

Threat Group-3390
Unknown

Malware (14)

AppleSeed other RDAT other ObliqueRAT other POSHSPY other Carbanak other OopsIE other Cobalt Strike other Kessel other StealBit other LunarWeb other Kevin other Helminth other Rclone tool Mythic tool

Metadata

MITRE ID:	T1030
STIX ID:	attack-pattern--c3888c54-775d-...
Platforms:	Linux, macOS, Windows, ESXi
Created:	13/01/2026 17:48
Updated:	06/03/2026 16:00