CAPEC-655 Avoid Security Tool Identification by Adding Data

CAPEC ID: 655

CAPEC-655 Metadata

Likelihood of Attack

High

Typical Severity

High

Overview

Summary

An adversary adds data to a file to increase its size beyond what security tools are capable of handling, in an attempt to mask their actions. Adding data to a file also changes the file's hash, frustrating security tools that look for known bad files by their hash.
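A detection-side sketch of the two effects described above, added here as an illustration and not part of the CAPEC entry: it streams a file in fixed-size chunks so size is never a limit, measures a trailing run of one repeated byte, and checks both the full hash and the padding-stripped hash against a known-bad set. The function names, the `min_run` threshold and the sample bytes are assumptions constructed for this example.

```python
import hashlib
import io

CHUNK = 64 * 1024  # stream in chunks so file size never limits the scan

def trailing_run(stream):
    """Return (size, run_len) where run_len is the single-byte run ending the stream."""
    size = run = 0
    last = None
    while chunk := stream.read(CHUNK):
        size += len(chunk)
        tail = chunk[-1]
        kept = chunk.rstrip(bytes([tail]))
        if kept:                      # run starts inside this chunk
            run = len(chunk) - len(kept)
        elif tail == last:            # whole chunk extends the previous run
            run += len(chunk)
        else:                         # whole chunk is a new run
            run = len(chunk)
        last = tail
    return size, run

def sha256_prefix(stream, length):
    """SHA-256 of the first `length` bytes of a seekable stream."""
    stream.seek(0)
    digest = hashlib.sha256()
    while length > 0 and (chunk := stream.read(min(CHUNK, length))):
        digest.update(chunk)
        length -= len(chunk)
    return digest.hexdigest()

def check_padding(stream, known_bad, min_run=1024):
    """Compare both the full hash and the padding-stripped hash to known_bad."""
    size, run = trailing_run(stream)
    pad_len = run if run >= min_run else 0
    return {
        "size": size,
        "pad_len": pad_len,
        "full_hit": sha256_prefix(stream, size) in known_bad,
        "stripped_hit": pad_len > 0 and sha256_prefix(stream, size - pad_len) in known_bad,
    }

# Constructed sample: a stand-in "known bad" file and a zero-padded copy of it.
ORIGINAL = b"MZ" + bytes(range(1, 200))
PADDED = ORIGINAL + b"\x00" * (3 * CHUNK + 17)
KNOWN_BAD = {hashlib.sha256(ORIGINAL).hexdigest()}

if __name__ == "__main__":
    print(check_padding(io.BytesIO(PADDED), KNOWN_BAD))
```

This only recognises padding made of one repeated byte, and a file whose genuine content ends in that same byte will be stripped too far and will not match.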

Prerequisites

No prerequisites listed.

Potential Solutions / Mitigations

No specific solutions listed.

Related CAPECs

CAPEC ID | Description
CAPEC-572 | An adversary modifies file contents by adding data to files for several reasons. Many different attacks could “follow” this pattern resulting in numerous outcomes. Adding data to a file could also result in a Denial of Service condition for devices with limited storage capacity.

Taxonomy Mappings

Taxonomy: ATTACK

Entry ID | Entry Name
1027.001 | Obfuscated Files or Information: Binary padding
