T1573 - Encrypted Channel - MITRE ATT&CK - Cyber Threat Intelligence

T1573 - Encrypted Channel

Tattiche:
Command and Control

Piattaforme:
ESXi Linux macOS Network Devices +1

Rilevamento:
Not specified

Description:

Adversaries may employ an encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.

Sub-tecniche (2)

ID	ATT&CK	Azioni
T1573.001	Symmetric Cryptography
T1573.002	Asymmetric Cryptography

Usato da Attori (4)

APT29
Nation-state

Magic Hound
Unknown

BITTER
Unknown

Tropic Trooper
Unknown

Malware (11)

RCSession other NETWIRE other Gomir other Emotet other PowerLess other Chaes other gh0st RAT other Cryptoistic other MacMa other PowGoop other Lizar other

Metadata

MITRE ID:	T1573
STIX ID:	attack-pattern--b8902400-e6c5-...
Piattaforme:	ESXi, Linux, macOS, Network Devices, Windows
Created:	13/01/2026 17:48
Updated:	06/03/2026 16:00