MITRE ATT&CK / T1011.001
T1011.001
Exfiltration Over Bluetooth
SUB-TECHNIQUE Exfiltration
Description
Adversaries may attempt to exfiltrate data over Bluetooth rather than the command and control channel. If the command and control network is a wired Internet connection, an adversary may opt to exfiltrate data using a Bluetooth communication channel.Adversaries may choose to do this if they have sufficient access and proximity. Bluetooth connections might not be secured or defended as well as the primary Internet-connected channel because it is not routed through the same enterprise network.
Platforms
LinuxmacOSWindows
Mitigations
- M1042 — Disable or Remove Feature or Program
- M1028 — Operating System Configuration
Look up any technique
Use our free MITRE ATT&CK lookup tool, or browse the full ATT&CK matrix.
Source: MITRE ATT&CK Enterprise matrix. View on attack.mitre.org →