Adversaries may rely on a user running a malicious image to facilitate execution. Amazon Web Services (AWS) Amazon Machine Images (AMIs), Google Cloud Platform (GCP) Images, and Azure Images as well as popular container runtimes such as Docker can be backdoored. Backdoored images may be uploaded to a public repository via Upload Malware, and users may then download and deploy an instance or container from the image without realizing the image is malicious, thus bypassing techniques that specifically achieve Initial Access. This can lead to the execution of malicious code, such as code that executes cryptocurrency mining, in the instance or container.(Citation: Summit Route Malicious AMIs)
Adversaries may also name images a certain way to increase the chance of users mistakenly deploying an instance or container from the image (ex: Match Legitimate Name or Location).(Citation: Aqua Security Cloud Native Threat Report June 2021)
View in MITRE ATT&CK®| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| DE.AE-02.01 | Event analysis and detection | Mitigates | T1204.003 | Malicious Image |
Comments
This diagnostic statement provides for implementation of methods to block similar future attacks via security tools such as antivirus and IDS/IPS to provide protection against threats and exploitation attempts.
References
|
| DE.CM-09.01 | Software and data integrity checking | Mitigates | T1204.003 | Malicious Image |
Comments
This diagnostic statement protects against Malicious Image through the use of verifying integrity of software/firmware, loading software that is trusted, ensuring privileged process integrity and checking software signatures.
References
|
| DE.CM-01.01 | Intrusion detection and prevention | Mitigates | T1204.003 | Malicious Image |
Comments
In order to protect users from being victims of social engineering attacks, network intrusion prevention techniques can be used to scan and block malicious images so those images can't lead to malicious code being executed.
References
|
| PR.PS-01.03 | Configuration deviation | Mitigates | T1204.003 | Malicious Image |
Comments
This diagnostic statement provides protection from User Execution through the implementation of security configuration baselines for OS, software, file integrity monitoring and imaging. Security baselining and integrity checking can help protect against adversaries attempting to execute malicious unsigned code.
References
|
| PR.PS-01.09 | Virtualized end point protection | Mitigates | T1204.003 | Malicious Image |
Comments
The diagnostic statement highlights several mitigating controls that organizations can implement to protect endpoint systems using virtualization technologies. Adversaries may rely on a user running a malicious image to facilitate execution. This can lead to the execution of malicious code, such as code that executes cryptocurrency mining, in the virtualized instance or container. Mitigating controls such as execution prevention, NIPS, EDRs and behavior prevention on endpoints may provide mitigating mechanisms to prevent the running of executables coming from virtualized machines onto the host or network.
References
|
| PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1204.003 | Malicious Image |
Comments
This diagnostic statement protects against Malicious Image through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation.
References
|
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| action.malware.variety.Other | Other | related-to | T1204.003 | Malicious Image |
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| alerts_for_windows_machines | Alerts for Windows Machines | technique_scores | T1204.003 | Malicious Image |
Comments
This capability can detect when commands are executed that are associated with this technique.
References
|
| azure_firewall | Azure Firewall | technique_scores | T1204.003 | Malicious Image |
Comments
This control can prevent malicious downloads associated with this technique.
References
|
| defender_for_containers | Microsoft Defender for Containers | technique_scores | T1204.003 | Malicious Image |
Comments
This capability can detect when containers are created or started.
References
|
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| binary_authorization | Binary Authorization | technique_scores | T1204.003 | Malicious Image |
Comments
Each image has a signer digitally sign using a private key. At deploy time, the enforcer uses the attester's public key to verify the signature in the attestation.
References
|
| cloud_ids | Cloud IDS | technique_scores | T1204.003 | Malicious Image |
Comments
Often used by adversaries to establish persistence, Palo Alto Network's antivirus signatures is able to detect download attempts or traffic generated from malicious programs designed to mine cryptocurrency without the user's knowledge.
Although there are ways an attacker could modify the attack to avoid detection, this technique was scored as significant based on Palo Alto Network's advanced threat detection technology which constantly updates to detect against the latest known variations of these crypto-mining attacks
References
|
| security_command_center | Security Command Center | technique_scores | T1204.003 | Malicious Image |
Comments
SCC is able to detect a potentially malicious binary being executed that was not part of the original container image. Because of the high threat detection coverage and near-real time temporal factor this control was graded as significant.
References
|
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| aws_config | AWS Config | technique_scores | T1204.003 | Malicious Image |
Comments
The following AWS Config managed rules can identify running instances that are not using AMIs within a specified allow list: "approved-amis-by-id" and "approved-amis-by-tag", both of which are run on configuration changes. They provide significant coverage, resulting in an overall score of Significant.
References
|