Compromise Software Supply Chain (T1195.002)

Adversaries may manipulate application software prior to receipt by a final consumer for the purpose of data or system compromise. Supply chain compromise of software can take place in a number of ways, including manipulation of the application source code, manipulation of the update/distribution mechanism for that software, or replacing compiled releases with a modified version. Targeting may be specific to a desired victim set or may be distributed to a broad set of consumers but only move on to additional tactics on specific victims.(Citation: Avast CCleaner3 2018)(Citation: Command Five SK 2011)

Source: https://github.com/mitre/cti
Related Prelude attack chains
Release Date (Newest)
Filterfilter
Search for chains, TTPs, themes, and text

Browse By:

Platforms

  • All
  • Windows
  • Linux
  • Darwin
  • Global
  • Android

Themes

Tags

Licenses

APT38 CryptoSpy

2022-06-07

/static/assets/windows-logo.svg
Launch a pneuma agent hidden in a crypto ticker application.
B1-66ER (Initial Access)

2021-09-28

/static/assets/linux-logo.svg
Gain initial access by installing SciPy with concealed Schism agent