User Execution: Malicious Link (T1204.001)

Tactic: Execution · Platforms: Linux, macOS, Windows

The interactive view maps 1 detection strategy, 3 mitigations, 49 threat groups, 29 software entries, 9 campaigns to this technique, alongside D3FEND countermeasures and data-component coverage.

Sub-technique of User Execution (T1204).

Overview

An adversary may rely upon a user clicking a malicious link in order to gain execution. Users may be subjected to social engineering to get them to click on a link that will lead to code execution. This user action will typically be observed as follow-on behavior from Spearphishing Link. Clicking on a link may also lead to other execution techniques such as exploitation of a browser or application vulnerability via Exploitation for Client Execution. Links may also lead users to download files that require execution via Malicious File.

Explore