Understanding the malicious use of encryption
Page Visit: The user's machine (Victim A) visits a legitimate site that has been compromised.
Exploit Kit Execution: As the web content is served to the client, a small piece of software is downloaded to the user's device, where a sequence of commands is executed to exploit software vulnerabilities on the client machine.
Malware Request: Once the exploit kit operator gets control of that machine, a request is made to a malware-hosting website, which delivers the malware.
Malware Infection: Victim A now has malware installed.
C&C: The malware communicates back to a Command and Control infrastructure for more instructions.
Data Exfiltration: Data from Victim A’s machine is copied to an external server for processing.
Victim B: Attackers often elevate their access rights at this stage, allowing them to move laterally within the network and infect other endpoints.
Encryption: The new reality is that encryption can be implemented at any phase of this attack to evade detection.