Common Information
Type | Value |
---|---|
Value | Asymmetric Cryptography - T1573.002 |
Category | Attack-Pattern |
Type | Mitre-Attack-Pattern |
Misp Type | Cluster |
Description | Adversaries may employ a known asymmetric encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Asymmetric cryptography, also known as public key cryptography, uses a keypair per party: one public that can be freely distributed, and one private. Due to how the keys are generated, the sender encrypts data with the receiver’s public key and the receiver decrypts the data with their private key. This ensures that only the intended recipient can read the encrypted data. Common public key encryption algorithms include RSA and ElGamal. For efficiency, many protocols (including SSL/TLS) use symmetric cryptography once a connection is established, but use asymmetric cryptography to establish or transmit a key. As such, these protocols are classified as [Asymmetric Cryptography](https://attack.mitre.org/techniques/T1573/002). |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2021-08-10 | 105 | UNC215: Spotlight on a Chinese Espionage Campaign in Israel | Mandiant | ||
Details | Website | 2021-07-05 | 79 | Kaseya, Sera. What REvil Shall Encrypt, Shall Encrypt | ||
Details | Website | 2021-05-25 | 32 | Evolution of JSWorm ransomware | ||
Details | Website | 2021-05-04 | 133 | The UNC2529 Triple Double: A Trifecta Phishing Campaign | Mandiant | ||
Details | Website | 2021-04-29 | 101 | UNC2447 SOMBRAT and FIVEHANDS Ransomware: A Sophisticated Financial Threat | Mandiant | ||
Details | Website | 2021-04-08 | 54 | (Are you) afreight of the dark? Watch out for Vyveva, new Lazarus backdoor | WeLiveSecurity | ||
Details | Website | 2021-03-11 | 181 | Whitelist Me, Maybe? “Netbounce” Threat Actor Tries A Bold Approach To Evade Detection | FortiGuard Labs | ||
Details | Website | 2021-02-25 | 190 | So Unchill: Melting UNC2198 ICEDID to Ransomware Operations | Mandiant | ||
Details | Website | 2021-02-09 | 34 | BendyBear: Novel Chinese Shellcode Linked With Cyber Espionage Group BlackTech | ||
Details | Website | 2021-01-12 | 216 | Abusing cloud services to fly under the radar | ||
Details | Website | 2021-01-12 | 215 | Abusing cloud services to fly under the radar | ||
Details | Website | 2020-12-22 | 66 | Spicy Hot Pot Rootkit: Finding, Hunting, and Eradicating It | ||
Details | Website | 2020-12-10 | 5 | Game On - Finding vulnerabilities in Valve’s “Steam Sockets” - Check Point Research | ||
Details | Website | 2020-12-02 | 100 | IcedID Stealer Man-in-the-browser Banking Trojan | ||
Details | Website | 2020-10-24 | 31 | Emotet Malware | CISA | ||
Details | Website | 2020-10-08 | 2 | Shining a light on SunCrypt’s curious file encryption mechanism » Tesorion Cybersecurity Solutions | ||
Details | Website | 2020-08-17 | 30 | WellMess malware: analysis of its Command and Control (C2) server | ||
Details | Website | 2020-07-16 | 131 | How WellMess malware has been used to target COVID-19 vaccines | ||
Details | Website | 2020-07-16 | 120 | MAR-10296782-2.v1 – WELLMESS | CISA | ||
Details | Website | 2019-07-16 | 8 | SKS Keyserver Network Under Attack | ||
Details | Website | 2019-03-28 | 1 | The Challenges of SSL Decryption for Network Visibility | Niagara Networks | ||
Details | Website | 2019-02-24 | 1 | PS Vita: a 6-year hacking journey comes to an end as the very last layer of the Vita crypto security is defeated - Wololo.net | ||
Details | Website | 2018-11-27 | 0 | Malwarebytes' 2019 security predictions | Malwarebytes Labs | ||
Details | Website | 2018-08-24 | 0 | A Cryptocurrency Primer - Secplicity - Security Simplified | ||
Details | Website | 2018-07-13 | 0 | JavaCard: The execution environment you didn’t know you were using |