|T1474.001||Compromise Software Dependencies and Development Tools|
|T1474.002||Compromise Hardware Supply Chain|
|T1474.003||Compromise Software Supply Chain|
Adversaries may manipulate application software prior to receipt by a final consumer for the purpose of data or system compromise. Supply chain compromise of software can take place in a number of ways, including manipulation of the application source code, manipulation of the update/distribution mechanism for that software, or replacing compiled releases with a modified version.
CHEMISTGAMES has been distributed as updates to legitimate applications. This was accomplished by compromising legitimate app developers, and subsequently gaining access to their Google Play Store developer account.
Security updates may contain patches that inhibit system software compromises.
|M1004||System Partition Integrity||
Ensure Verified Boot is enabled on devices with that capability.
Application vetting services can detect malicious code in applications. System partition integrity checking mechanisms can detect unauthorized or malicious code contained in the system partition.