TTPwire Vol. 1 · MITRE ATT&CK·Tagged


F5 Labs

BlackGuard Infostealer Malware: Dissecting the State of Exfiltrated Data

2022-08-15 · Read original ↗

ATT&CK techniques detected

14 predictions

T1539 Steal Web Session Cookie · 95%
"…fraud by impersonating victims and purchasing gift cards or performing financial transfers. - launching malware distribution attacks from the compromised accounts. Figure 4 shows the variety of credentials stolen by BlackGuard, including usernames and passwords from online ecomme…"

T1539 Steal Web Session Cookie · 92%
"…exfiltrates web session cookies from browsers such as Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple's Safari. Figure 5 shows how BlackGuard infostealer stores stolen cookies from the Chrome browser. The log file "cookies_chrome2.txt" contains the session cooki…"

T1113 Screen Capture · 88%
"…logs the history data from the browser and stores the collected data in the "history.txt" file. The file also contains a counter highlighting the number of times the user has visited a specific website. Capturing screenshots: BlackGuard infostealer also captures screenshots fro…"

T1555.003 Credentials from Web Browsers · 88%
"…ing, dynamic link library (DLL) injection and resource hijacking to steal credentials from browsers, messenger clients, and other client-side software. The stolen data is compressed and exfiltrated in the same HTTP-based communication channel that the attackers use for co…"

T1555.003 Credentials from Web Browsers · 78%
"…exfiltration, BlackGuard infostealer creates a folder named "wallets" to store the wallet information, and the complete "wallets" folder is then compressed into a single zip file. Figure 8 shows an example of a stolen crypto wallet account (authentication tokens) from a com…"

T1555.003 Credentials from Web Browsers · 75%
"…fraud by impersonating victims and purchasing gift cards or performing financial transfers. - launching malware distribution attacks from the compromised accounts. Figure 4 shows the variety of credentials stolen by BlackGuard, including usernames and passwords from online ecomme…"

T1048 Exfiltration Over Alternative Protocol · 72%
"…the United States. Figure 2. Data exfiltrated by BlackGuard and stored in a compressed format. We analyzed these compressed files to understand the potential storage constructs used. Since there was a risk that these compressed files could contain malware as well, the files were …"

T1657 Financial Theft · 69%
"…exfiltration, BlackGuard infostealer creates a folder named "wallets" to store the wallet information, and the complete "wallets" folder is then compressed into a single zip file. Figure 8 shows an example of a stolen crypto wallet account (authentication tokens) from a com…"

T1567 Exfiltration Over Web Service · 62%
"…various messaging applications on the compromised system. Targeted applications include Telegram and Discord. The malware creates associated directories with the same name as the messaging application to hold the stolen data and then exfiltrates this data. Figure 9 highlights a d…"

T1217 Browser Information Discovery · 52%
"…exfiltrates web session cookies from browsers such as Google Chrome, Microsoft Edge, Mozilla Firefox, and Apple's Safari. Figure 5 shows how BlackGuard infostealer stores stolen cookies from the Chrome browser. The log file "cookies_chrome2.txt" contains the session cooki…"

T1102.003 One-Way Communication · 46%
"…various messaging applications on the compromised system. Targeted applications include Telegram and Discord. The malware creates associated directories with the same name as the messaging application to hold the stolen data and then exfiltrates this data. Figure 9 highlights a d…"

T1555.003 Credentials from Web Browsers · 36%
"…powerful crimeware tool designed to steal the widest possible variety of personal data from a victim's device. The combination of stolen account credentials, cryptocurrency wallet information, session cookies, screenshots and messaging history indicates that the authors probabl…"

T1185 Browser Session Hijacking · 35%
"…fraud by impersonating victims and purchasing gift cards or performing financial transfers. - launching malware distribution attacks from the compromised accounts. Figure 4 shows the variety of credentials stolen by BlackGuard, including usernames and passwords from online ecomme…"

T1005 Data from Local System · 34%
"…the United States. Figure 2. Data exfiltrated by BlackGuard and stored in a compressed format. We analyzed these compressed files to understand the potential storage constructs used. Since there was a risk that these compressed files could contain malware as well, the files were …"
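The excerpts above describe the layout of a BlackGuard log archive (a "cookies_chrome2.txt" file, a "history.txt" with per-site visit counters, a zipped "wallets" folder, and Telegram/Discord directories). The first thing a responder needs from such an archive is an inventory of what was taken and which sessions must be revoked. The script below is an added example written for this page, not F5 Labs' tooling: it builds a constructed sample archive, classifies each member into the artifact classes the page lists, tags them with the page's ATT&CK techniques, and reports which stolen cookies are still within their expiry (and so still replayable for session hijacking). The cookie layout (Netscape cookies.txt, seven tab-separated fields) and the history layout (URL, tab, visit count) are assumptions; the article does not state the formats.

```python
"""Triage a stealer log archive of the kind the F5 Labs write-up describes.
Added example for this page; not the article's or the malware author's code.
Assumed formats (not given on the page):
  - cookies_*.txt : Netscape cookies.txt, 7 tab-separated fields
                    domain, subdomains, path, secure, expiry, name, value
  - history.txt   : '<url>\t<visit_count>' per line
"""
import io
import time
import zipfile

# Artifact class -> ATT&CK technique, following the tags listed on this page.
ARTIFACT_TECHNIQUES = {
    "cookies":     ("T1539", "Steal Web Session Cookie"),
    "history":     ("T1217", "Browser Information Discovery"),
    "screenshots": ("T1113", "Screen Capture"),
    "wallets":     ("T1657", "Financial Theft"),
    "messaging":   ("T1567", "Exfiltration Over Web Service"),
}


def classify(member):
    """Map an archive member path to an artifact class, or None if unknown."""
    name = member.lower()
    if name.startswith("wallets/") or name == "wallets.zip":
        return "wallets"
    if name.startswith(("telegram/", "discord/")):
        return "messaging"
    base = name.rsplit("/", 1)[-1]
    if base.startswith("cookies_") and base.endswith(".txt"):
        return "cookies"
    if base == "history.txt":
        return "history"
    if base.endswith((".png", ".jpg")):
        return "screenshots"
    return None


def parse_cookies(text):
    """Parse Netscape-format cookie lines; skip comments and malformed rows."""
    rows = []
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        f = line.split("\t")
        if len(f) != 7 or not f[4].isdigit():
            continue
        rows.append({"domain": f[0].lstrip("."), "secure": f[3] == "TRUE",
                     "expiry": int(f[4]), "name": f[5]})
    return rows


def live_sessions(cookies, now):
    """Domains whose cookies are unexpired (expiry 0 = session cookie).
    These are the sessions an attacker can still replay (T1185), so they are
    the ones to invalidate server-side."""
    return sorted({c["domain"] for c in cookies
                   if c["expiry"] == 0 or c["expiry"] > now})


def parse_history(text):
    """Assumed 'url<TAB>count' layout; returns {url: visit_count}."""
    out = {}
    for line in text.splitlines():
        url, _, count = line.rpartition("\t")
        if url and count.isdigit():
            out[url] = int(count)
    return out


def triage(zip_bytes, now=None):
    """Inventory the archive: artifact classes, techniques, sessions to revoke,
    and the victim's most-visited sites (useful for prioritising notifications)."""
    now = time.time() if now is None else now
    report = {"artifacts": {}, "techniques": set(),
              "revoke_sessions": [], "top_sites": []}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            kind = classify(info.filename)
            if kind is None:
                continue
            report["artifacts"].setdefault(kind, []).append(info.filename)
            report["techniques"].add(ARTIFACT_TECHNIQUES[kind])
            if kind == "cookies":
                text = zf.read(info.filename).decode("utf-8", "replace")
                report["revoke_sessions"] += live_sessions(parse_cookies(text), now)
            elif kind == "history":
                text = zf.read(info.filename).decode("utf-8", "replace")
                hist = parse_history(text)
                report["top_sites"] = sorted(hist.items(), key=lambda kv: -kv[1])[:3]
    report["revoke_sessions"] = sorted(set(report["revoke_sessions"]))
    report["techniques"] = sorted(report["techniques"])
    return report


def build_sample_archive():
    """Constructed sample log for this example; every value is made up."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("cookies_chrome2.txt",
                    "# Netscape HTTP Cookie File\n"
                    ".shop.example\tTRUE\t/\tTRUE\t0\tsessionid\tabc123\n"
                    ".bank.example\tTRUE\t/\tTRUE\t4102444800\tauth\tdef456\n"
                    ".old.example\tTRUE\t/\tFALSE\t1000000000\tsid\tstale\n")
        zf.writestr("history.txt",
                    "https://shop.example/\t12\nhttps://mail.example/\t40\n"
                    "https://bank.example/login\t3\n")
        zf.writestr("wallets/Exodus/seed.seco", b"\x00\x01")
        zf.writestr("Telegram/tdata/key_datas", b"\x02\x03")
        zf.writestr("Discord/tokens.txt", "token-placeholder\n")
        zf.writestr("screenshot.png", b"\x89PNG")
    return buf.getvalue()


if __name__ == "__main__":
    print(triage(build_sample_archive(), now=1_700_000_000))
```

The revoke list is the actionable output: a password reset alone does not help against T1539/T1185 replay if the stolen session cookie is still valid, so the affected domains need server-side session invalidation as well. Extend `classify` with whatever directory names your own samples use; the ones here come from the page's excerpts.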

Summary

Your data is at risk. Are you equipped to combat the risks posed by BlackGuard?