test_scratch
/
cti-ATT-CK-v13.1
/pre-attack
/attack-pattern
/attack-pattern--3d1488a6-59e6-455a-8b80-78b53edc33fe.json
{ | |
"type": "bundle", | |
"id": "bundle--0f147bb6-4652-4f1c-b0b9-e909147272d7", | |
"spec_version": "2.0", | |
"objects": [ | |
{ | |
"id": "attack-pattern--3d1488a6-59e6-455a-8b80-78b53edc33fe", | |
"created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5", | |
"name": "Obtain booter/stressor subscription", | |
"description": "This object is deprecated as its content has been merged into the enterprise domain. Please see the [PRE](http://attack.mitre.org/matrices/enterprise/pre/) matrix for its replacement. The prior content of this page has been preserved [here](https://attack.mitre.org/versions/v7/techniques/T1396).\n\nConfigure and setup booter/stressor services, often intended for server stress testing, to enable denial of service attacks. (Citation: Krebs-Anna) (Citation: Krebs-Booter) (Citation: Krebs-Bazaar)", | |
"external_references": [ | |
{ | |
"source_name": "mitre-pre-attack", | |
"url": "https://attack.mitre.org/techniques/T1396", | |
"external_id": "T1396" | |
}, | |
{ | |
"source_name": "Krebs-Anna", | |
"description": "Brian Krebs. (2017, January 18). Who is Anna-Senpai, the Mirai Worm Author?. Retrieved May 15, 2017.", | |
"url": "https://krebsonsecurity.com/2017/01/who-is-anna-senpai-the-mirai-worm-author/" | |
}, | |
{ | |
"source_name": "Krebs-Booter", | |
"description": "Brian Krebs. (2016, October 27). Are the Days of \u201cBooter\u201d Services Numbered?. Retrieved May 15, 2017.", | |
"url": "https://krebsonsecurity.com/2016/10/are-the-days-of-booter-services-numbered/" | |
}, | |
{ | |
"source_name": "Krebs-Bazaar", | |
"description": "Brian Krebs. (2016, October 31). Hackforums Shutters Booter Service Bazaar. Retrieved May 15, 2017.", | |
"url": "https://krebsonsecurity.com/2016/10/hackforums-shutters-booter-service-bazaar/" | |
} | |
], | |
"object_marking_refs": [ | |
"marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168" | |
], | |
"type": "attack-pattern", | |
"kill_chain_phases": [ | |
{ | |
"kill_chain_name": "mitre-pre-attack", | |
"phase_name": "establish-&-maintain-infrastructure" | |
} | |
], | |
"modified": "2020-10-26T13:42:49.342Z", | |
"created": "2017-12-14T16:46:06.044Z", | |
"x_mitre_old_attack_id": "PRE-T1173", | |
"x_mitre_version": "1.0", | |
"x_mitre_difficulty_for_adversary_explanation": "Easily accessible and used to launch DDoS attacks by even novice Internet users, and can be purchased from providers for a nominal fee, some of which even accept credit cards and PayPal payments to do.", | |
"x_mitre_difficulty_for_adversary": "Yes", | |
"x_mitre_detectable_by_common_defenses_explanation": "Purchase of booster services is not observable; potentially can trace booster service used to origin of sale, yet not before attack is executed. Furthermore, subscription does not automatically mean foul intention.", | |
"x_mitre_detectable_by_common_defenses": "No", | |
"x_mitre_deprecated": true | |
} | |
] | |
} |