Deliver Malicious App via Authorized App Store

Adversaries may take advantage of authorized app stores to deliver malicious apps to target vehicle systems. This technique allows them to gain access to the vehicle's network.

By uploading malicious apps to authorized app stores, adversaries can trick users into downloading and installing these apps onto their vehicle's infotainment system or other connected devices. Once installed, these malicious apps can gain access to critical systems. For example, adversaries may create fake navigation or entertainment apps that contain hidden malware, allowing them to gain remote access and control over the vehicle's functions.

In the context of vehicle cybersecurity, this attack technique poses a significant threat as it targets the software ecosystem of connected vehicles. As vehicles become more reliant on software and app-based functionalities, the risk of unauthorized access and control by adversaries increases, posing potential safety hazards for drivers and passengers.

ID: T2001
Sub-techniques:  No sub-techniques
Tactic: Initial Access
Version: 1.0
Created: 03 December 2023
Last Modified: 03 December 2023
ATT&CK Reference:  T1475

Mitigations

This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.