216.73.216.133

T1474.001: Compromise Software Dependencies and Development Tools

View on MITRE ATT&CK The MITRE Corporation · Published 28/03/2022 21:31 · Modified 27/03/2026 01:41

Essential information

MITRE technique ID
T1474.001
Confidence
100/100
Revoked
No
Published
28/03/2022 21:31
Modified
27/03/2026 01:41
Author / Source
The MITRE Corporation

Platforms

android iOS

Description

Adversaries may manipulate products or product delivery mechanisms prior to receipt by a final consumer for the purpose of data or system compromise. Applications often depend on external software to function properly. Popular open source projects that are used as dependencies in many applications may be targeted as a means to add malicious code to users of the dependency.(Citation: Grace-Advertisement)

Kill chain phases

Kill chainPhase
mitre-mobile-attack initial-access

Marking (TLP)

Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.

External references