Exfiltration Over Bluetooth - T1011.001 (613d08bc-e8f4-4791-80b0-c8b974340dfd)
Adversaries may attempt to exfiltrate data over Bluetooth rather than the command and control channel. If the command and control network is a wired Internet connection, an adversary may opt to exfiltrate data using a Bluetooth communication channel.
Adversaries may choose to do this if they have sufficient access and proximity. Bluetooth connections might not be secured or defended as well as the primary Internet-connected channel because it is not routed through the same enterprise network.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Exfiltration Over Other Network Medium - T1011 (51ea26b1-ff1e-4faa-b1a0-1114cd298c87) | Attack Pattern | Exfiltration Over Bluetooth - T1011.001 (613d08bc-e8f4-4791-80b0-c8b974340dfd) | Attack Pattern | 1 |