Dark Mode
Capec-690 Detail
Metadata Spoofing
Meta Social Engineering Supply Chain Software Likelihood: Medium Typical Severity: High
Children: 691
An adversary alters the metadata of a resource (e.g., file, directory, repository, etc.) to present a malicious resource as legitimate/credible.
One approach to this attack entails the adversary altering a maliciously modified resource's metadata in order to hide their malicious activity. Another approach involves altering the metadata of an adversary-created resource to make the source appear more credible. Adversaries may spoof a variety of metadata across a number of resources, such as the following: Authors of Version Control System (VCS) repository commits Open source package statistics File attributes, such as when a file was last update The ultimate goal of a Metadata Spoofing attack is to trick victims into believing the malicious resource being provided originates from a reputable source. However, the victim instead leverages the malicious resource, which could result in a number of negative technical impacts.
| External ID | Source | Link | Description |
|---|---|---|---|
| CAPEC-690 | capec | https://capec.mitre.org/data/definitions/690.html |
Not present
- Identification of a resource whose metadata is to be spoofed
Not present
| Medium |
|---|
| Ability to spoof a variety of metadata to convince victims the source is trusted |
| Integrity | Authorization | Access Control | Accountability |
|---|---|---|---|
| Modify Data | Execute Unauthorized Commands | Execute Unauthorized Commands | Hide Activities |
Not present