Malicious Software Development Tools - T1462 (b928b94a-4966-4e2a-9e61-36505b896ebc)
As demonstrated by the XcodeGhost attack (Citation: PaloAlto-XcodeGhost1), app developers could be provided with modified versions of software development tools (e.g. compilers) that automatically inject malicious or exploitable code into applications.
Detection: Enterprises could deploy integrity checking software to the computers that they use to develop code to detect presence of unauthorized, modified software development tools.
Platforms: Android, iOS
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Supply Chain Compromise - T1474 (0d95940f-9583-4e0f-824c-a42c1be47fad) | Attack Pattern | Malicious Software Development Tools - T1462 (b928b94a-4966-4e2a-9e61-36505b896ebc) | Attack Pattern | 1 |