#T1217 Browser Information Discovery

Technique

  • Tactics: Discovery
  • Description:

    Adversaries may enumerate information about browsers to learn more about compromised environments. Data saved by browsers (such as bookmarks, accounts, and browsing history) may reveal a variety of personal information about users (e.g., banking sites, relationships/interests, social media, etc.) as well as details about internal network resources such as servers, tools/dashboards, or other related infrastructure.(Citation: Kaspersky Autofill)

    Browser information may also highlight additional targets after an adversary has access to valid credentials, especially [Credentials In Files](https://attack.mitre.org/techniques/T1552/001) associated with logins cached by a browser.

    Specific storage locations vary based on platform and/or application, but browser information is typically stored in local files and databases (e.g., `%APPDATA%/Google/Chrome`).(Citation: Chrome Roaming Profiles)

  • First Seen: APT38 • 2019-01-29
MITRE ATT&CK

Tagged Reports

2025-11-26
Socket
#ContagiousInterview #NPM #OtterCookie #T1204.005 #T1036 #T1555.001 #T1587 #T1583.006 #T1082 #T1119 #T1585 #T1547.001 #T1005 #T1059.007 #T1587.001 #T1539 #T1041 #T1113 #T1656 #T1608.001 #T1204.002 #T1571 #T1105 #T1195.002 #T1115 #T1083 #T1583.001 #T1497 #T1546.016 #T1555.003 #T1056.001 #T1657 #T1217
2025-10-10
Socket
#ContagiousInterview #NPM #T1119 #T1005 #T1059.007 #T1082 #T1083 #T1555.001 #T1041 #T1027.013 #T1546.016 #T1608.001 #T1204.002 #T1555.003 #T1105 #T1657 #T1217 #T1195.002
2025-08-29
Seqrite
#APT37 #LNK #RokRAT #T1102.002 #T1123 #T1027.013 #T1082 #T1566.001 #T1529 #T1087.001 #T1547.001 #T1140 #T1027.009 #T1005 #T1204.001 #T1070.004 #T1053.005 #T1041 #T1056.002 #T1113 #T1204.002 #T1055.009 #T1574.001 #T1055.001 #T1083 #T1059.001 #T1217
2025-08-25
Bloo
#GolangGhost #Lazarus #T1055.012 #T1190 #T1562.001 #T1036.007 #T1123 #T1059.005 #T1106 #T1036.003 #T1622 #T1059.010 #T1027.002 #T1132.002 #T1136.001 #T1057 #T1548.002 #T1059.003 #T1134.004 #T1566.001 #T1518.001 #T1614.001 #T1574.007 #T1573.001 #T1547.001 #T1140 #T1027.009 #T1005 #T1070.004 #T1027.007 #T1098.007 #T1041 #T1564.001 #T1010 #T1113 #T1219 #T1071.004 #T1021.002 #T1204.002 #T1055.002 #T1071.001 #T1574.002 #T1115 #T1083 #T1059.001 #T1555.003 #T1056.001 #T1566.002 #T1497.001 #T1217 #T1021.006
2025-08-25
MITRE
#AppleJeus #G1049 #T1573 #T1203 #T1543 #T1027 #T1102 #T1071 #T1574 #T1566 #T1620 #T1553 #T1218 #T1546 #T1078 #T1559 #T1678 #T1195 #T1055 #T1189 #T1657 #T1217
2025-07-15
Socket
#ContagiousInterview #NPM #XORIndex #T1119 #T1005 #T1059.007 #T1082 #T1083 #T1555.001 #T1041 #T1027.013 #T1546.016 #T1608.001 #T1204.002 #T1555.003 #T1105 #T1657 #T1217 #T1195.002
2025-06-25
Socket
#BeaverTail #ContagiousInterview #HexEval #NPM #T1119 #T1005 #T1059.007 #T1082 #T1083 #T1555.001 #T1041 #T1027.013 #T1546.016 #T1608.001 #T1204.002 #T1555.003 #T1056.001 #T1105 #T1657 #T1217 #T1195.002
2025-03-10
Socket
#Lazarus #NPM #T1119 #T1005 #T1059.007 #T1082 #T1083 #T1555.001 #T1041 #T1027.013 #T1546.016 #T1608.001 #T1204.002 #T1555.003 #T1105 #T1657 #T1217 #T1195.002
2025-02-20
ESET
#BeaverTail #DeceptiveDevelopment #InvisibleFerret #T1025 #T1567.004 #T1555.001 #T1027.013 #T1016 #T1071.002 #T1566.003 #T1564.003 #T1552.001 #T1583.003 #T1082 #T1614 #T1119 #T1059.003 #T1074.001 #T1140 #T1030 #T1585.001 #T1005 #T1059.007 #T1587.001 #T1041 #T1564.001 #T1010 #T1219 #T1608.001 #T1204.002 #T1571 #T1071.001 #T1059.006 #T1115 #T1083 #T1124 #T1555.003 #T1056.001 #T1133 #T1021.001 #T1095 #T1560.002 #T1657 #T1217
2024-08-26
MITRE
#G1036 #MoonstoneSleet #T1589 #T1608 #T1587 #T1016 #T1027 #T1071 #T1082 #T1566 #T1591 #T1585 #T1140 #T1598 #T1583 #T1195 #T1105 #T1547 #T1053 #T1486 #T1569 #T1033 #T1204 #T1217 #T1003
2024-08-05
KRNCSC
#Kimsuky #DoraRAT #TrollAgent #Andariel #T1119 #T1005 #T1083 #T1036 #T1074.001 #T1041 #T1113 #T1573.002 #T1195 #T1189 #T1204.002 #T1027.002 #T1071.001 #T1217
2022-12-22
Attack IQ
#Andariel #T1012 #T1016 #T1057 #T1082 #T1074.001 #T1016.001 #T1120 #T1218.011 #T1547.001 #T1197 #T1049 #T1041 #T1053.005 #T1105 #T1071.001 #T1218.010 #T1083 #T1486 #T1033 #T1036.005 #T1217
2022-04-15
Dragos
#Trend #WASSONITE #T1589 #T0840 #T1573 #T1036 #T1016 #T0884 #T0888 #T1071 #T0807 #T1056 #T1614 #T1082 #T1574 #T1566 #T1602 #T1591 #T0822 #T0858 #T1021 #T1480 #T1049 #T1584 #T0859 #T1140 #T1078 #T0806 #T1505 #T1041 #T1113 #T1555 #T1560 #T1564 #T0817 #T1132 #T1055 #T1547 #T1127 #T1083 #T1053 #T1189 #T1033 #T0819 #T1074 #T1059 #T1217
2020-08-26
USCISA
#BeagleBoyz #FASTCash2 #T1190 #T1562.001 #T1565.002 #T1543.003 #T1552.004 #T1056 #T1119 #T1565.003 #T1553.002 #T1485 #T1199 #T1021 #T1078 #T1010 #T1014 #T1574.001 #T1033 #T1203 #T1036 #T1012 #T1016 #T1059.005 #T1106 #T1027 #T1102 #T1071 #T1053.004 #T1027.005 #T1049 #T1140 #T1005 #T1129 #T1105 #T1110 #T1095 #T1489 #T1569.002 #T1573 #T1057 #T1082 #T1561.002 #T1518.001 #T1566.001 #T1548.003 #T1090 #T1041 #T1219 #T1560 #T1202 #T1562.003 #T1059.001 #T1189 #T1204 #T1070.006 #T1059 #T1101 #T1565.001 #T1056.004 #T1098 #T1547.001 #T1053.003 #T1562.006 #T1070.004 #T1505.003 #T1070.003 #T1113 #T1132.001 #T1020 #T1021.002 #T1218.001 #T1055 #T1087 #T1115 #T1083 #T1053 #T1486 #T1133 #T1021.001 #T1217
2019-01-29
MITRE
#G0082 #APT38 #T1562 #T1543 #T1106 #T1027 #T1071 #T1057 #T1056 #T1082 #T1566 #T1529 #T1485 #T1135 #T1049 #T1218 #T1005 #T1518 #T1505 #T1561 #T1105 #T1588 #T1565 #T1115 #T1070 #T1112 #T1083 #T1053 #T1486 #T1189 #T1569 #T1033 #T1110 #T1204 #T1059 #T1217
« Back