Persona Development

  • Persona Development - Pre-ATT&CK
    • Persona development consists of the development of public information, presence, history and appropriate affiliations. This development could be applied to social media, website, or other publicly available information that could be referenced and scrutinized for legitimacy over the course of an operation using that persona or identity.

Build social network persona

  • Build social network persona
    • For attacks incorporating social engineering the utilization of an on-line persona is important. These personas may be fictitious or impersonate real people. The persona may exist on a single site or across multiple sites (Facebook, LinkedIn, Twitter, Google+, etc.).

Choose pre-compromised mobile app developer account credentials or signing keys

  • Choose pre-compromised mobile app developer account credentials or signing keys
    • The adversary can use account credentials or signing keys of an existing mobile app developer to publish malicious updates of existing mobile apps to an application store, or to abuse the developer's identity and reputation to publish new malicious apps. Many mobile devices are configured to automatically install new versions of already-installed apps.

Choose pre-compromised persona and affiliated accounts

  • Choose pre-compromised persona and affiliated accounts
    • For attacks incorporating social engineering the utilization of an on-line persona is important. Utilizing an existing persona with compromised accounts may engender a level of trust in a potential victim if they have a relationship, or knowledge of, the compromised persona.

Develop social network persona digital footprint


Friend/Follow/Connect to targets of interest