An adversary alters the metadata of a resource (e.g., file, directory, repository, etc.) to present a malicious resource as legitimate/credible.
|
|
| ID | CAPEC-690 |
| Latest Sync Date | 11/05/25 15:15:38 |
| Original ID | 690 |
| Abstraction | Meta |
| Status | Stable |
| Alternate Terms | |
| Likelihood Of Attack | Medium |
| Typical Severity | High |
| Related Attack Patterns | |
| Execution Flow | |
| Prerequisites | ::Identification of a resource whose metadata is to be spoofed:: |
| Skills Required | ::SKILL:Ability to spoof a variety of metadata to convince victims the source is trusted:LEVEL:Medium:: |
| Resources Required | |
| Indicators | |
| Consequences | ::SCOPE:Integrity:TECHNICAL IMPACT:Modify Data::SCOPE:Accountability:TECHNICAL IMPACT:Hide Activities::SCOPE:Access Control:SCOPE:Authorization:TECHNICAL IMPACT:Execute Unauthorized Commands:: |
| Mitigations | ::Validate metadata of resources such as authors, timestamps, and statistics.::Confirm the pedigree of open source packages and ensure the code being downloaded does not originate from another source.::Even if the metadata is properly checked and a user believes it to be legitimate, there may still be a chance that they've been duped. Therefore, leverage automated testing techniques to determine where malicious areas of the code may exist.:: |
| Example Instances | |
| Related Weaknesses | |
| Taxonomy Mappings | |
| Notes | |