TTPwire Vol. 1 · MITRE ATT&CK·Tagged

Huntress

Top Hacker Tradecraft That Caught Our Eye in 2020 | Huntress

2020-12-22

ATT&CK techniques detected

7 predictions
T1486 Data Encrypted for Impact
98%
"and healthcare providers. another major change when it came to ransomware was when it was used in the attack cycle. back in 2019, we’d typically see that as soon as an attacker gained initial access and made their way in, they would immediately drop the ransomware or their choi…"
T1486 Data Encrypted for Impact
97%
". hackers get more tactical with ransomware if you’re a hacker in 2020, ransomware is truly one of the basic gifts that keeps on giving. the beginning of this year started right after the peak of when msps and their tools were being targeted by ransomware campaigns. 2019 was a …"
T1486 Data Encrypted for Impact
94%
"top hacker tradecraft that caught our eye in 2020 | huntress as the year-that-must-not-be-named comes to a close, we’ve decided to take a look back at some of the more interesting — and innovative — hacker tradecraft we saw over these past 12 months. we also covered t…"
T1204.002 Malicious File
83%
"##sion both stayed the same and changed. it stayed the same in the sense of how attackers are using it — avoiding detection by hiding in trusted processes, using legitimate applications to obfuscate malicious scripts, and disabling security software, among other things. but it’…"
T1542.001 System Firmware
80%
"and indirection — such as running a batch file from a vbscript that then calls the actual payload. it’s the same technique but with just enough obfuscation to get around being found. to stay in the fight, attackers are constantly looking for ways to expand their foothold. we ac…"
T1657 Financial Theft
54%
"have to pay up to get access back. but then they hit you with, “we have a copy of your files and we’re either going to sell it, disclose it or tell auditors you’ve been compromised unless you pay us again.” and to add insult to injury, attackers have caught on to the fact t…"
T1490 Inhibit System Recovery
40%
"have to pay up to get access back. but then they hit you with, “we have a copy of your files and we’re either going to sell it, disclose it or tell auditors you’ve been compromised unless you pay us again.” and to add insult to injury, attackers have caught on to the fact t…"

Summary

We take a look back at some of the more interesting — and innovative — hacker tradecraft we saw over the course of 2020.