| ID | F0016 |
| Objective(s) | Privilege Escalation |
| Related ATT&CK Techniques | Stage Capabilities: Install Digital Certificate (T1608.003) |
| Version | 2.1 |
| Created | 2 August 2022 |
| Last Modified | 10 February 2024 |
Malware may install a malicious or fraudulent certificate onto a victim's system. This can be used to facilitate a variety of attacks, such as man-in-the-middle attacks, where the attacker intercepts and potentially alters communication between two parties without their knowledge. By installing a certificate, the malware can trick the system into trusting it, allowing the attacker to bypass security measures, intercept sensitive data, or deliver additional malicious payloads. This technique can also be used to impersonate websites or services, tricking the user into revealing sensitive information.
| Name | Date | Method | Description |
|---|---|---|---|
| SearchAwesome | 2018 | -- | The malware installs a certificate. [1] |
[1] https://www.malwarebytes.com/blog/news/2018/10/mac-malware-intercepts-encrypted-web-traffic-for-ad-injection