Skip to content

Hide Navigation Hide TOC

Obfuscated Credential Exfiltration via Encoding - ATR-2026-00152 (2671b827-0725-5d4c-b2b2-167b57277748)

Detects attempts to leak credentials using partial obfuscation techniques: AES256() wrapping, hex encoding references, rot13, or "encrypted key" framing that presents real credentials as encrypted data to bypass content filters. Crystallized from 16 partial_obfuscation samples.

Cluster A Galaxy A Cluster B Galaxy B Level
LLM Data Leakage (45d378aa-20ae-401d-bf61-7f00104eeaca) MITRE ATLAS Attack Pattern Obfuscated Credential Exfiltration via Encoding - ATR-2026-00152 (2671b827-0725-5d4c-b2b2-167b57277748) Agent Threat Rules 1