| ID | Name |
|---|---|
| ATAGS-T1065.001 | Malicious Copy and Paste |
| ATAGS-T1065.002 | Malicious File |
| ATAGS-T1065.003 | Malicious Image |
| ATAGS-T1065.004 | Malicious Library |
| ATAGS-T1065.005 | Malicious Link |
Threat actors may rely on a user installing a malicious library to facilitate execution. Threat actors may Upload Malware to package managers such as NPM and PyPi, as well as to public code repositories such as GitHub. User may install libraries without realizing they are malicious, thus bypassing techniques that specifically achieve Initial Access. This can lead to the execution of malicious code, such as code that establishes persistence, steals data, or mines cryptocurrency.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.