ATT&CK matrix
T1496
Resource Hijacking
2 CVEs mapped
TA0040Impact
Adversaries may leverage the resources of co-opted systems to complete resource-intensive tasks, which may impact system and/or hosted service availability.
Resource hijacking may take a number of different forms. For example, adversaries may:
* Leverage compute resources in order to mine cryptocurrency
* Sell network bandwidth to proxy networks
* Generate SMS traffic for profit
* Abuse cloud-based messaging services to send large quantities of spam messages
In some cases, adversaries may leverage multiple types of Resource Hijacking at once.(Citation: Sysdig Cryptojacking Proxyjacking 2023)
Platforms6
WindowsIaaSLinuxmacOSContainersSaaS
CVEs mapped to this technique2
| CVE | Description | Severity | EPSS | Flags | Modified |
|---|---|---|---|---|---|
| CVE-2018-11084 | Cloud Foundry Garden-runC release, versions prior to 1.16.1, prevents deletion of some app environments based on file attributes. A remote authenticated malicious user may create and delete apps with crafted file attributes to cause a denial of service for new app instances or scaling up of existing apps. | NONE | 1.18%p64 | 2024-11-21 | |
| CVE-2020-16200 | Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, does not properly control the allocation and maintenance of a limited resource, thereby enabling an attacker to influence the amount of resources consumed, eventually leading to the exhaustion of available resources. | MEDIUM6.5 | 0.58%p43 | 2025-06-04 |