Atomic Red Team doc generator
52 lines
1.3 KiB
Markdown
52 lines
1.3 KiB
Markdown
# T1496 - Resource Hijacking
|
|
## [Description from ATT&CK](https://attack.mitre.org/techniques/T1496)
|
|
<blockquote>
|
|
|
|
Adversaries may leverage the resources of co-opted systems to complete resource-intensive tasks, which may impact system and/or hosted service availability.
|
|
|
|
Resource hijacking may take a number of different forms. For example, adversaries may:
|
|
|
|
* Leverage compute resources in order to mine cryptocurrency
|
|
* Sell network bandwidth to proxy networks
|
|
* Generate SMS traffic for profit
|
|
* Abuse cloud-based messaging services to send large quantities of spam messages
|
|
|
|
In some cases, adversaries may leverage multiple types of Resource Hijacking at once.(Citation: Sysdig Cryptojacking Proxyjacking 2023)
|
|
|
|
</blockquote>
|
|
|
|
## Atomic Tests
|
|
|
|
- [Atomic Test #1 - FreeBSD/macOS/Linux - Simulate CPU Load with Yes](#atomic-test-1---freebsdmacoslinux---simulate-cpu-load-with-yes)
|
|
|
|
|
|
<br/>
|
|
|
|
## Atomic Test #1 - FreeBSD/macOS/Linux - Simulate CPU Load with Yes
|
|
This test simulates a high CPU load as you might observe during cryptojacking attacks.
|
|
End the test by using CTRL/CMD+C to break.
|
|
|
|
**Supported Platforms:** Linux, macOS
|
|
|
|
|
|
**auto_generated_guid:** 904a5a0e-fb02-490d-9f8d-0e256eb37549
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#### Attack Commands: Run with `sh`!
|
|
|
|
|
|
```sh
|
|
yes > /dev/null
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<br/>
|