Weaponization
- In Weaponization stage, An attacker would craft a “weapon of destruction”.
- The attack would prefer not to interact with the victim directly and, instead, he will create a “weaponizer” that, according to Lockheed Martin, combines malware and exploit into a deliverable payload.
- Most attackers usually use automated tools to generate the malware or refer to the DarkWeb to purchase the malware.
- More sophisticated actors or nation-sponsored APT (Advanced Persistent Threat Groups) would write their custom malware to make the malware sample unique and evade detection on the target.
Terminologies:
Malware is a program or software designed to damage, disrupt, or gain unauthorized access to a computer.
An exploit is a program or a code that takes advantage of the vulnerability or flaw in the application or system.
A payload is a malicious code that the attacker runs on the system.
Ex: [Creating an infected Microsoft Office document containing a malicious macro or VBA (Visual Basic for Applications) scripts.](Create an infected Microsoft Office document containing a malicious macro or VBA (Visual Basic for Applications) scripts.)