CAPEC-690: Metadata Spoofing

Description
<p>An adversary alters the metadata of a resource (e.g., file, directory, repository, etc.) to present a malicious resource as legitimate/credible.<p>
Extended Description

One approach to this attack entails the adversary altering a maliciously modified resource's metadata in order to hide their malicious activity. Another approach involves altering the metadata of an adversary-created resource to make the source appear more credible. Adversaries may spoof a variety of metadata across a number of resources, such as the following:

  • Authors of Version Control System (VCS) repository commits
  • Open source package statistics
  • File attributes, such as when a file was last update

    • The ultimate goal of a Metadata Spoofing attack is to trick victims into believing the malicious resource being provided originates from a reputable source. However, the victim instead leverages the malicious resource, which could result in a number of negative technical impacts.

Severity :

High

Possibility :

Medium

Type :

Meta
Relationships with other CAPECs

This table shows the other attack patterns and high level categories that are related to this attack pattern.

CAPEC-691: Spoof Open-Source Software Metadata Spoof Open-Source Software Metadata
Prerequisites

This table shows the other attack patterns and high level categories that are related to this attack pattern.

  • Identification of a resource whose metadata is to be spoofed
Skills required

This table shows the other attack patterns and high level categories that are related to this attack pattern.

  • Medium Ability to spoof a variety of metadata to convince victims the source is trusted
Taxonomy mappings

Mappings to ATT&CK, OWASP and other frameworks.

Related CWE

A Related Weakness relationship associates a weakness with this attack pattern. Each association implies a weakness that must exist for a given attack to be successful.

Visit http://capec.mitre.org/ for more details.