8bb63006b6
- Merged C00145 into C00178. Deleted C00145 - Updated text in C00144 - Added warning label to C000139 - Merged C00137 into C00149. Deleted C00137 - Moved C00090 to TA07 - Updated text in C00211 - Updated text in C00030 - Merged C00158 into C00073. Deleted C00158 - Merged C00102 into C00101. Deleted C00102 - Merged C00089 into C00101. Deleted C00089 - Added note to C00200 - Merged C00194 into C00174. Deleted C00194 - Merged C00151 into C00190. Deleted C00151 - Updated text in C00182 - Added warning to C00122 - Updated text in C00211 - Updated text in C00030 - Merged C00215 into C00012. Deleted C00215 - Merged C00214 into C00012. Deleted C000214 - Merged C00196 into C00012. Deleted C000196 - Updated text in C00111 - Merged C00167 into C00026. Deleted C00167 - Added warning to C00056 - Updated text in C00172 - Merged C00171 into C00107. Deleted C00171 - Updated text in C00103 - Merged C00110 into C00195. Deleted C00110 - Updated text in C00117 - Merged C00193 into C00188. Deleted C00193 - Merged C00204 into C00188. Deleted C00204 - Moved C00217 to detections F00094
904 B
904 B
Counter C00182: Redirection / malware detection/ remediation
-
Summary: Detect redirction or malware, then quarantine or delete. Example: (2015) Trustwave reported that a Bedep Trojan malware kit had begun infecting machines and forcing them to browse certain sites, artificially inflating traffic to a set of pro-Russia
-
Playbooks:
-
Metatechnique: M005 - removal
-
Resources needed:
-
Belongs to tactic stage: TA09
| Actors | Sectors |
|---|---|
| A027 information security | Other Tech Company |
| Counters these Tactics |
|---|
| Counters these Techniques |
|---|
| T0011 Hijack legitimate account |
| T0054 Twitter bots amplify |
| Seen in incidents |
|---|
DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW