Chapter 5 - Data Exfiltration Mechanisms

Abstract

This chapter covers the different data exfiltration mechanisms opted by attackers to extract data from infected systems. Exfiltration covers two sub-phases, that is, data stealing and data transmission to the attacker-controlled server. We talk about Web Injects, video and screenshot stealing, Form-grabbing, operating system information stealing etc., and using different transmission methods such as encryption, compression over different protocol channels such as HTTP/HTTPS, Peer-to-Peer (P2P), and Internet Relay Chat (IRC). Overall, this chapter shows the sophisticated modes of data exfiltration used in targeted attacks.