diff --git a/monkey/infection_monkey/exploit/hadoop.py b/monkey/infection_monkey/exploit/hadoop.py index c12be142d..ff6e9274b 100644 --- a/monkey/infection_monkey/exploit/hadoop.py +++ b/monkey/infection_monkey/exploit/hadoop.py @@ -13,7 +13,11 @@ import string import requests from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT -from common.tags import T1203_ATTACK_TECHNIQUE_TAG +from common.tags import ( + T1203_ATTACK_TECHNIQUE_TAG, + T1210_ATTACK_TECHNIQUE_TAG, + T1570_ATTACK_TECHNIQUE_TAG, +) from infection_monkey.exploit.tools.helpers import get_agent_dst_path from infection_monkey.exploit.tools.http_tools import HTTPTools from infection_monkey.exploit.web_rce import WebRCE @@ -28,6 +32,8 @@ from infection_monkey.utils.commands import build_monkey_commandline logger = logging.getLogger(__name__) HADOOP_EXPLOITER_TAG = "hadoop-exploiter" +EXPLOIT_TAGS = (HADOOP_EXPLOITER_TAG, T1203_ATTACK_TECHNIQUE_TAG, T1210_ATTACK_TECHNIQUE_TAG) +PROPAGATION_TAGS = (HADOOP_EXPLOITER_TAG, T1570_ATTACK_TECHNIQUE_TAG) class HadoopExploiter(WebRCE): @@ -51,7 +57,7 @@ class HadoopExploiter(WebRCE): target=self.host.ip_addr, exploitation_success=False, error_message=self.exploit_result.error_message, - tags=(HADOOP_EXPLOITER_TAG,), + tags=PROPAGATION_TAGS, ) return self.exploit_result @@ -61,7 +67,6 @@ class HadoopExploiter(WebRCE): self.host, str(monkey_path_on_victim), self.agent_binary_repository ) - tags = (HADOOP_EXPLOITER_TAG, T1203_ATTACK_TECHNIQUE_TAG) try: command = self._build_command(monkey_path_on_victim, http_path) 
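Review bot: The new module constants `EXPLOIT_TAGS` and `PROPAGATION_TAGS` (hunk at -28) carry no comment saying which event type each belongs to or what the technique IDs mean, and the two tuples are easy to interchange at a call site. A one-line comment above each would make the intended pairing checkable in review: `# Exploitation events: T1203 Exploitation for Client Execution, T1210 Exploitation of Remote Services` and `# Propagation events: T1570 Lateral Tool Transfer`. The pairing stated here is inferred from the constant names and from how the later hunks use them.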
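Review bot: In the hunk at -51 the changed line passes `tags=PROPAGATION_TAGS` to a call whose neighbouring keyword is `exploitation_success=False`, so an exploitation-failure event appears to be tagged T1570 and to lose T1203/T1210. The opening line of the call is outside the hunk, so the method name is inferred from that keyword; if it is `_publish_exploitation_event`, the line should read `tags=EXPLOIT_TAGS,`. As written, technique reporting built from these events would record a lateral tool transfer on a path that returns `self.exploit_result` immediately after the failure event, and would under-count failed exploitation attempts for this exploiter.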
@@ -73,16 +78,22 @@ class HadoopExploiter(WebRCE): self._publish_propagation_event( target=self.host.ip_addr, propagation_success=True, - tags=(HADOOP_EXPLOITER_TAG, T1203_ATTACK_TECHNIQUE_TAG), + tags=PROPAGATION_TAGS, ) else: error_message = f"Failed to exploit via {self.vulnerable_urls[0]}" - self._publish_exploitation_event(self.host.ip_addr, False, tags, error_message) - self._publish_propagation_event(self.host.ip_addr, False, tags, error_message) + self._publish_exploitation_event( + self.host.ip_addr, False, EXPLOIT_TAGS, error_message + ) + self._publish_propagation_event( + self.host.ip_addr, False, PROPAGATION_TAGS, error_message + ) except requests.RequestException as err: error_message = str(err) - self._publish_exploitation_event(self.host.ip_addr, False, tags, error_message) - self._publish_propagation_event(self.host.ip_addr, False, tags, error_message) + self._publish_exploitation_event(self.host.ip_addr, False, EXPLOIT_TAGS, error_message) + self._publish_propagation_event( + self.host.ip_addr, False, PROPAGATION_TAGS, error_message + ) finally: http_thread.join(self.DOWNLOAD_TIMEOUT) http_thread.stop() @@ -121,7 +132,7 @@ class HadoopExploiter(WebRCE): self._publish_exploitation_event( target=self.host.ip_addr, exploitation_success=True, - tags=(HADOOP_EXPLOITER_TAG, T1203_ATTACK_TECHNIQUE_TAG), + tags=EXPLOIT_TAGS, ) return success
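Review bot: The four failure calls in the `else` and `except` branches of the hunk at -73 pass the success flag, tags and message positionally (`self.host.ip_addr, False, EXPLOIT_TAGS, error_message`), while the success call in the same hunk uses keywords. Now that two tag tuples of the same type exist, a swapped or misordered argument raises nothing and only surfaces as wrong technique tags on the published event. Keyword form keeps each call self-describing, e.g. `self._publish_propagation_event(target=self.host.ip_addr, propagation_success=False, tags=PROPAGATION_TAGS, error_message=error_message)`. The `error_message` keyword on the propagation event is assumed from the exploitation call earlier in the diff and should be confirmed against the base class. The enclosing method starts outside this hunk.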