Common Information
Type | Value |
---|---|
Value | Input Prompt - T1141 |
Category | Attack-Pattern |
Type | Mitre-Enterprise-Attack-Attack-Pattern |
Misp Type | Cluster |
Description | When programs that need more privileges than the current user context provides are executed, it is common for the operating system to prompt the user for proper credentials to authorize the elevated privileges for the task. Adversaries can mimic this functionality to prompt users for credentials with a normal-looking prompt. This type of prompt can be accomplished with AppleScript: `set thePassword to the text returned of (display dialog "AdobeUpdater needs permission to check for updates. Please authenticate." default answer "")` (Citation: OSX Keydnap malware). Adversaries can prompt a user for a number of reasons that mimic normal usage, such as a fake installer requiring additional access or a fake malware removal suite. (Citation: OSX Malware Exploits MacKeeper) Detection: This technique exploits users' tendencies to always supply credentials when prompted, which makes it very difficult to detect. Monitor process execution for unusual programs as well as AppleScript that could be used to prompt users for credentials. Platforms: macOS. Data Sources: User interface, Process Monitoring. Permissions Required: User. |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2024-11-13 | 8 | Mastering Prompt Injection Attacks: An In-Depth Guide to AI Security Vulnerabilities | ||
Details | Website | 2024-11-04 | 22 | Machine Learning Bug Bonanza - Exploiting ML Services | ||
Details | Website | 2024-09-30 | 2 | ASCWG Finals CTF 2024 Reverse Challenges | ||
Details | Website | 2024-09-21 | 0 | Adversarial Attacks in AI: How ChatGPT Can Be Hacked. | ||
Details | Website | 2024-07-09 | 0 | New AI Innovations that supercharge Data Protection | ||
Details | Website | 2024-04-26 | 0 | Accelerating incident response using generative AI | ||
Details | Website | 2023-07-14 | 0 | OWASP Top 10 for LLMs: An Overview with SOCRadar | ||
Details | Website | 2023-06-26 | 2 | Unravelling the Attack Surface of AI Systems | ||
Details | Website | 2023-06-25 | 15 | SOC Puppet Creation Guide | ||
Details | Website | 2023-06-15 | 11 | Reverse Engineering: Binary Security | ||
Details | Website | 2023-04-03 | 2 | ChatGPT, the AI Revolution, and the Security, Privacy and Ethical Implications | ||
Details | Website | 2023-03-12 | 0 | Memory ExploTion (Exploit in Action) | ||
Details | Website | 2022-12-14 | 2 | ChatGPT – the impact on Web3, Web2 and online security – a viewpoint from Naoris – Global Security Mag Online | ||
Details | Website | 2022-11-15 | 48 | Phishing Campaign Targeting Indonesian BRI Bank Using SMS Stealer | ||
Details | Website | 2022-06-07 | 5 | Behind the Creation of Detector #1236 - Red Canary | ||
Details | Website | 2022-05-16 | 17 | Fake Mobile Apps Steal Facebook Credentials, Cryptocurrency-Related Keys | ||
Details | Website | 2022-05-16 | 14 | Fake Mobile Apps Steal Facebook Credentials, Cryptocurrency-Related Keys | ||
Details | Website | 2022-03-16 | 92 | Avira Labs Research Reveals Hydra Banking Trojan 2.0 targeting a wider network of German and Austrian banks | ||
Details | Website | 2022-01-21 | 0 | Codex Exposed Task Automation and Response Consistency | ||
Details | Website | 2012-10-03 | 1 | Grant H. - CSAW CTF: Exploitation 200 |