Defeating Encrypted Threats

Understanding the malicious use of encryption

Page Visit: The user's machine (Victim A) visits a legitimate site that has been compromised.

Exploit Kit Execution: As the web content is served to the client, a small piece of software is downloaded to the user's device, where a sequence of commands is executed to exploit software vulnerabilities on the client machine.

Malware Request: Once the exploit kit operator gets control of that machine, a request is made to a malware-hosting website that delivers the malware.

Malware Infection: Victim A now has malware installed.

C&C: The malware communicates back to a Command and Control infrastructure for more instructions.

Data Exfiltration: Data from Victim A’s machine is copied to an external server for processing.

Victim B: Attackers often elevate their access rights at this stage, allowing them to move laterally within the network and infect other endpoints.

Encryption: The new reality is that encryption can be implemented at any phase of this attack to evade detection.