CAPEC-690

Meta Abstraction Level
Meta — Very abstract, high-level category
Standard — Specific enough to understand
Detailed — Tied to specific technique
Stable MITRE CAPEC Status
Stable — Fully reviewed and complete
Draft — Under development
Incomplete — Partially defined
Deprecated — No longer recommended
Obsolete — Replaced by another CAPEC
Likelihood: Medium Severity: High
Metadata Spoofing

Description

An adversary alters the metadata of a resource (e.g., file, directory, repository, etc.) to present a malicious resource as legitimate/credible.

Prerequisites

Identification of a resource whose metadata is to be spoofed

Mitigations

Validate metadata of resources such as authors, timestamps, and statistics.

Confirm the pedigree of open source packages and ensure the code being downloaded does not originate from another source.

Even if the metadata is properly checked and a user believes it to be legitimate, there may still be a chance that they've been duped. Therefore, leverage automated testing techniques to determine where malicious areas of the code may exist.

Skills Required

[Medium] Ability to spoof a variety of metadata to convince victims the source is trusted