You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
TREND MICRO | TrendLabs 2014 Targeted Attack Campaign Report<br />
Data-Exfiltration Techniques<br />
• Threat actors abused legitimate cloud storage services such as OneDrive, Google Drive, Dropbox,<br />
Baidu Cloud Network Drive, Gmail, Plurk, Facebook, Twitter, Evernote, and Pastebin for data<br />
exfiltration. In such cases, stolen data was temporarily “parked” on legitimate platforms to evade<br />
detection and for easy transfer.<br />
• Use of the victims’ Web and File Transfer Protocol (FTP) servers and portals was also seen, along with the<br />
continued employment of traditional C&C servers for data exfiltration.<br />
16 | Targeted Attack Trends