CAPEC-698

Detailed Abstraction Level
Meta — Very abstract, high-level category
Standard — Specific enough to understand
Detailed — Tied to specific technique
Stable MITRE CAPEC Status
Stable — Fully reviewed and complete
Draft — Under development
Incomplete — Partially defined
Deprecated — No longer recommended
Obsolete — Replaced by another CAPEC
Likelihood: Medium Severity: High
Install Malicious Extension

Description

An adversary directly installs or tricks a user into installing a malicious extension into existing trusted software, with the goal of achieving a variety of negative technical impacts.

Prerequisites

The adversary must craft malware based on the type of software and system(s) they intend to exploit.

If the adversary intends to install the malicious extension themself, they must first compromise the target machine via some other means.

Mitigations

Only install extensions/plugins from official/verifiable sources.

Confirm extensions/plugins are legitimate and not malware masquerading as a legitimate extension/plugin.

Ensure the underlying software leveraging the extension/plugin (including operating systems) is up-to-date.

Implement an extension/plugin allow list, based on the given security policy.

If applicable, confirm extensions/plugins are properly signed by the official developers.

For web browsers, close sessions when finished to prevent malicious extensions/plugins from executing the the background.

Skills Required

[Medium] Ability to create malicious extensions that can exploit specific software applications and systems.

[Medium] Optional: Ability to exploit target system(s) via other means in order to gain entry.