ExfiltrationIn the exfiltration phase, attackers move the data they’ve collected out of the compromised environment to their own infrastructure, allowing them to access and leverage the information externally. Exfiltration techniques vary depending on the attacker’s goals, network controls, and the data’s sensitivity. Common methods include using removable media, command-and-control (C2) channel..