CAPEC-473: Signature Spoof
ID
CAPEC-473
Status
Draft
An attacker generates a message or datablock that causes the recipient to believe that the message or datablock was generated and cryptographically signed by an authoritative or reputable source, misleading a victim or victim operating system into performing malicious actions.
Weaknesses
Taxonomiy Mapping
Type | # ID | Name |
---|---|---|
ATTACK | 1036.001 | Masquerading: Invalid Code Signature |
ATTACK | 1553.002 | Subvert Trust Controls: Code Signing |