CAPEC-616: Establish Rogue Location
An adversary provides a malicious version of a resource at a location that is similar to the expected location of a legitimate resource. After establishing the rogue location, the adversary waits for a victim to visit the location and access the malicious resource.
Last updated
Overview
CAPEC-616 (Establish Rogue Location) is a standard-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.
What the attacker needs
Prerequisites
- A resource is expected to available to the user.
Skills required
- Low skill: Adversaries can often purchase low-cost technology to implement rogue access points.
Consequences
What a successful CAPEC-616 attack can achieve.
Other
Affects: Confidentiality, Integrity
Successful attacks of this nature can result in a wide variety of consequences and negatively impact confidentiality and integrity based on the adversary's subsequent actions.