T1204.001SubTechniqueexecutionagent-callable

T1204.001Malicious Link

Sub-technique of T1204

Platforms: Linux · macOS · Windows

ATT&CK version: 14.1

What it is

An adversary may rely upon a user clicking a malicious link in order to gain execution. Users may be subjected to social engineering to get them to click on a link that will lead to code execution. This user action will typically be observed as follow-on behavior from [Spearphishing Link](https://attack.mitre.org/techniques/T1566/002). Clicking on a link may also lead to other execution techniques such as exploitation of a browser or application vulnerability via [Exploitation for Client Execution](https://attack.mitre.org/techniques/T1203). Links may also lead users to download files that require execution via [Malicious File](https://attack.mitre.org/techniques/T1204/002).

ATT&CK tactics· 1

Execution

References

  1. https://attack.mitre.org/techniques/T1204/001
Sourced from MITRE ATT&CK Enterprise v14.1. Curated and contextualized for EU compliance use cases by Adam Lundqvist, Founder at SQUR.