T1496 - Resource Hijacking
Description from ATT&CK (opens in a new tab)
Adversaries may leverage the resources of co-opted systems to complete resource-intensive tasks, which may impact system and/or hosted service availability.
Resource hijacking may take a number of different forms. For example, adversaries may:
- Leverage compute resources in order to mine cryptocurrency
- Sell network bandwidth to proxy networks
- Generate SMS traffic for profit
- Abuse cloud-based messaging services to send large quantities of spam messages
In some cases, adversaries may leverage multiple types of Resource Hijacking at once.(Citation: Sysdig Cryptojacking Proxyjacking 2023)
Atomic Tests
Atomic Test #1 - FreeBSD/macOS/Linux - Simulate CPU Load with Yes
This test simulates a high CPU load as you might observe during cryptojacking attacks. End the test by using CTRL/CMD+C to break.
Supported Platforms: Linux, macOS
auto_generated_guid: 904a5a0e-fb02-490d-9f8d-0e256eb37549
Attack Commands: Run with sh!
yes > /dev/null