How Unparalleled RDP Monitoring Reveal Attackers’ Tradecraft - GoSecure

https://www.gosecure.net/blog/2023/08/09/how-unparalleled-rdp-monitoring-reveal-attackers-tradecraft/

Luring threat actors into RDP traps reveals attackers' tactics. This blog summarizes an hour-long presentation about what can be found in those traps.

Researchers analyzed 190 million hacking events on a honeynet and categorized the types of hackers into Dungeons and Dragons classes.

Rangers evaluate the system and set conditions for a follow-on attack.

Thieves install cryptominers and other profiteering software.

Barbarians attempt to brute force their way into adjacent systems.

Wizards connect the newly compromised system to a previous one to establish 'portals' that they tunnel through to obscure their identity.

Bards have no apparent hacking skill and likely purchased or otherwise acquired access. They perform basic computer tasks.