Modify Trusted Execution Environment (T1399)

View on ATT&CK

In Playbook

Technique & Subtechniques

  • Modify Trusted Execution Environment

Associated Tactics

  • Defense Evasion
  • Persistence

Defense Evasion (TA0030)

The adversary is trying to avoid being detected. Defense evasion consists of techniques an adversary may use to evade detection or avoid other defenses. Sometimes these actions are the same as or variations of techniques in other categories that have the added benefit of subverting a particular defense or mitigation. Defense evasion may be considered a set of attributes the adversary applies to all other phases of the operation.

View on ATT&CK

Procedure Examples

Description Source(s)
Apple. (2016, May). iOS Security. Retrieved December 21, 2016. Apple-iOSSecurityGuide
Thomas Roth. (2013). Next generation mobile rootkits. Retrieved December 21, 2016. Roth-Rootkits
NIST Mobile Threat Catalogue