Skip to content

T1632 Subvert Trust Controls

Adversaries may undermine security controls that will either warn users of untrusted activity or prevent execution of untrusted applications. Operating systems and security products may contain mechanisms to identify programs or websites as possessing some level of trust. Examples of such features include: an app being allowed to run because it is signed by a valid code signing certificate; an OS prompt alerting the user that an app came from an untrusted source; or getting an indication that you are about to connect to an untrusted site. The method adversaries use will depend on the specific mechanism they seek to subvert.

Item Value
ID T1632
Sub-techniques T1632.001
Tactics TA0030
Platforms Android, iOS
Version 1.1
Created 30 March 2022
Last Modified 20 March 2023


ID Mitigation Description
M1012 Enterprise Policy On iOS, the allowEnterpriseAppTrust and allowEnterpriseAppTrustModification configuration profile restrictions can be used to prevent users from installing apps signed using enterprise distribution keys.
M1006 Use Recent OS Version Mobile OSes have implemented measures to make it more difficult to trick users into installing untrusted certificates and configurations. iOS 10.3 and higher add an additional step for users to install new trusted CA certificates and configuration profiles. On Android, apps that target compatibility with Android 7 and higher (API Level 24) default to only trusting CA certificates that are bundled with the operating system, not CA certificates that are added by the user or administrator, hence decreasing their susceptibility to successful adversary-in-the-middle attack.12
M1011 User Guidance Typically, insecure or malicious configuration settings are not installed without the user’s consent. Users should be advised not to install unexpected configuration settings (CA certificates, iOS Configuration Profiles, Mobile Device Management server provisioning).


ID Data Source Data Component
DS0042 User Interface System Settings