Install Insecure or Malicious Configuration (T1478)

View on ATT&CK

In Playbook

Technique & Subtechniques

  • Install Insecure or Malicious Configuration

Associated Tactics

  • Defense Evasion
  • Initial Access

Defense Evasion (TA0030)

The adversary is trying to avoid being detected. Defense evasion consists of techniques an adversary may use to evade detection or avoid other defenses. Sometimes these actions are the same as or variations of techniques in other categories that have the added benefit of subverting a particular defense or mitigation. Defense evasion may be considered a set of attributes the adversary applies to all other phases of the operation.

View on ATT&CK

Procedure Examples

Description Source(s)
Warren Mercer, Paul Rascagneres, Andrew Williams. (2018, July 12). Advanced Mobile Malware Campaign in India uses Malicious MDM. Retrieved September 24, 2018. Talos-MDM
Yair Amit. (2013, March 12). Malicious Profiles – The Sleeping Giant of iOS Security. Retrieved September 24, 2018. Symantec-iOSProfile
NIST Mobile Threat Catalogue