T1567.002 - Exfiltration to Cloud Storage
Sub-technique
Tattiche:
Exfiltration
Exfiltration
Piattaforme:
ESXi Linux macOS Windows
ESXi Linux macOS Windows
Rilevamento:
Not specified
Not specified
Description:
Adversaries may exfiltrate data to a cloud storage service rather than over their primary command and control channel. Cloud storage services allow for the storage, edit, and retrieval of data from a remote cloud storage server over the Internet.
Examples of cloud storage services include Dropbox and Google Docs. Exfiltration to these cloud storage services can provide a significant amount of cover to the adversary if hosts within the network are already communicating with the service.
Examples of cloud storage services include Dropbox and Google Docs. Exfiltration to these cloud storage services can provide a significant amount of cover to the adversary if hosts within the network are already communicating with the service.
Usato da Attori (20)
Turla
Nation-state
Nation-state
FIN7
Criminal
Criminal
Kimsuky
Nation-state
Nation-state
MUSTANG PANDA
Nation-state
Nation-state
INDRIK SPIDER
Unknown
Unknown
WIZARD SPIDER
Nation-state
Nation-state
HAFNIUM
Unknown
Unknown
ToddyCat
Unknown
Unknown
POLONIUM
Nation-state
Nation-state
Earth Lusca
Unknown
Unknown
Scattered Spider
Unknown
Unknown
Storm-0501
Unknown
Unknown
LuminousMoth
Unknown
Unknown
Medusa Group
Unknown
Unknown
Ember Bear
Unknown
Unknown
Cinnamon Tempest
Unknown
Unknown
HEXANE
Unknown
Unknown
Leviathan
Unknown
Unknown
Akira
Unknown
Unknown
Chimera
Unknown
Unknown
Malware (15)
Metadata
| MITRE ID: | T1567.002 |
| STIX ID: | attack-pattern--bf1b6176-597c-... |
| Piattaforme: | ESXi, Linux, macOS, Windows |
| Created: | 13/01/2026 17:48 |
| Updated: | 06/03/2026 16:00 |