Dark Mode
Capec-535 Detail
Malicious Gray Market Hardware
Detailed Supply Chain Physical Security Hardware Likelihood: Low Typical Severity: High
Parents: 531
An attacker maliciously alters hardware components that will be sold on the gray market, allowing for victim disruption and compromise when the victim needs replacement hardware components for systems where the parts are no longer in regular supply from original suppliers, or where the hardware components from the attacker seems to be a great benefit from a cost perspective.
Not present
| External ID | Source | Link | Description |
|---|---|---|---|
| CAPEC-535 | capec | https://capec.mitre.org/data/definitions/535.html | |
| REF-439 | reference_from_CAPEC | http://www.mitre.org/sites/default/files/publications/supply-chain-attack-framework-14-0228.pdf | John F. Miller, Supply Chain Attack Framework and Attack Patterns, 2013, The MITRE Corporation |
Not present
- Physical access to a gray market reseller's hardware components supply, or the ability to appear as a gray market reseller to the victim's buyer.
Not present
| High |
|---|
| Able to develop and manufacture malicious hardware components that perform the same functions and processes as their non-malicious counterparts. |
Not present
- An attacker develops co-processor boards with malicious capabilities that are technically the same as a manufacturer's expensive upgrade to their flagship system. The victim has installed the manufacturer's base system without the expensive upgrade. The attacker contacts the victim and states they have the co-processor boards at a drastically-reduced price, falsely stating they were acquired from a bankruptcy liquidation of a company that had purchased them from the manufacturer. The victim after hearing the drastically reduced price decides to take advantage of the situation and purchases the upgrades from the attacker, and installs them. This allows the attacker to further compromise the victim.