CAPEC-690

Metadata Spoofing
MEDIUM
HIGH
Stable
2022-09-29 00:00 +00:00

Alerte pour un CAPEC

Stay informed of any changes for a specific CAPEC.
Alert management

Description

An adversary alters the metadata of a resource (e.g., file, directory, repository, etc.) to present a malicious resource as legitimate/credible.

Informations

Prerequisites

Identification of a resource whose metadata is to be spoofed

Skills Required

Ability to spoof a variety of metadata to convince victims the source is trusted

Mitigations

Validate metadata of resources such as authors, timestamps, and statistics.
Confirm the pedigree of open source packages and ensure the code being downloaded does not originate from another source.
Even if the metadata is properly checked and a user believes it to be legitimate, there may still be a chance that they've been duped. Therefore, leverage automated testing techniques to determine where malicious areas of the code may exist.

Submission

Name Organization Date Date Release
CAPEC Content Team The MITRE Corporation 2022-09-29 +00:00
Click on the button to the left (OFF), to authorize the inscription of cookie improving the functionalities of the site. Click on the button to the left (Accept all), to unauthorize the inscription of cookie improving the functionalities of the site.