Publish Poisoned Models

Type: technique

Description: Adversaries may publish a poisoned model to a public location such as a model registry or code repository. The poisoned model may be a novel model or a poisoned variant of an existing open-source model. This model may be introduced to a victim system via ML supply chain compromise.

Version: 0.1.0

Created At: 2025-03-04 10:27:40 -0500

Last Modified At: 2025-03-04 10:27:40 -0500

External References

Related Objects

• --> Resource Development (tactic): Releasing maliciously altered machine learning models to disrupt downstream use or compromise systems.

Related Frameworks

• MITRE ATLAS - AML.T0058