Botnet - T1583.005 (31225cd3-cd46-4575-b287-c2c14011c074)
Adversaries may buy, lease, or rent a network of compromised systems that can be used during targeting. A botnet is a network of compromised systems that can be instructed to perform coordinated tasks.(Citation: Norton Botnet) Adversaries may purchase a subscription to use an existing botnet from a booter/stresser service. With a botnet at their disposal, adversaries may perform follow-on activity such as large-scale Phishing or Distributed Denial of Service (DDoS).(Citation: Imperva DDoS for Hire)(Citation: Krebs-Anna)(Citation: Krebs-Bazaar)(Citation: Krebs-Booter)
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Botnet - T1583.005 (31225cd3-cd46-4575-b287-c2c14011c074) | Attack Pattern | Acquire Infrastructure - T1583 (0458aab9-ad42-4eac-9e22-706a95bafee2) | Attack Pattern | 1 |