Sign InSign Up

What is a Living off the Land Attack | Definition and Meaning

Last modified on Wednesday, May 8, 2024

1 minute read

Defining Living off the Land Attack

A Living off the Land Attack (LotL Attack) employs legitimate system software called binaries, scripts, and libraries for malicious purposes. Living off the land attacks are made possible through the known and unknown interactions between thousands of preinstalled binaries, scripts, and libraries. Many AV technologies were unable to detect this sort of attack in 2021, this is due to several reasons, because they're employing legitimate code and it can therefore be difficult to differentiate between the binary being used for its intended purpose, and code being used maliciously. Another reason is that they live in-memory, leaving no attack footprint on the hard drive. Some attacks may exist as a hybrid, reducing their attack surface by employing lolbins, lolscripts, and lollibs, but which may not be completely fileless. Detection is difficult, and blocking the malware can be difficult due to a high false positive rate.

See also:

Living off the Land Attack Synonyms:

  • LotL Attack

Share this article

Stellastra The Cyber Security Comparison Platform

© 2024 Stellastra Ltd. All rights reserved. All names, logos, trademarks, et al, belong to their respective owners. No endorsement or partnership is necessarily implied between company and Stellastra and vice versa. Information is provided for convenience only on an as is basis. For the most up to date information, contact vendor directly. Scores including email security, SPF, and DMARC are calculated based on Stellastra's algorithms and other analyses may return different results.



About StellastraContact usCyber Security Risk ScoreEmail Deliverability ToolStellastra Discover

Stay up to date

Stellastra The Cyber Security Comparison Platform