misp-galaxy/clusters/mitre-mobile-attack-tool.json
Christophe Vandeplas 9dddc4427c jq
2018-10-19 10:23:09 +02:00

59 lines
2.2 KiB
JSON

{
"authors": [
"MITRE"
],
"category": "tool",
"description": "Name of ATT&CK software",
"name": "Mobile Attack - Tool",
"source": "https://github.com/mitre/cti",
"type": "mitre-mobile-attack-tool",
"uuid": "02cee87e-1708-11e8-8f15-8b33e4d6194b",
"values": [
{
"description": "Xbot is a family of Android malware analyzed by Palo Alto Networks (Citation: PaloAlto-Xbot) that \"tries to steal victims' banking credentials and credit card information\", \"can also remotely lock infected Android devices, encrypt the user's files in external storage (e.g., SD card), and then ask for a U.S. $100 PayPal cash card as ransom\" and \"will steal all SMS message and contact information, intercept certain SMS messages, and parse SMS messages for mTANs (Mobile Transaction Authentication Number) from banks.\"\n\nAliases: Xbot",
"meta": {
"external_id": "MOB-S0014",
"refs": [
"https://attack.mitre.org/mobile/index.php/Software/MOB-S0014",
"http://researchcenter.paloaltonetworks.com/2016/02/new-android-trojan-xbot-phishes-credit-cards-and-bank-accounts-encrypts-devices-for-ransom/"
],
"synonyms": [
"Xbot"
]
},
"related": [
{
"dest-uuid": "e683cd91-40b4-4e1c-be25-34a27610a22e",
"tags": [
"estimative-language:likelihood-probability=\"likely\""
],
"type": "similar"
},
{
"dest-uuid": "4cfa42a3-71d9-43e2-bf23-daa79f326387",
"tags": [
"estimative-language:likelihood-probability=\"likely\""
],
"type": "similar"
},
{
"dest-uuid": "5a78ec38-8b93-4dde-a99e-0c9b77674838",
"tags": [
"estimative-language:likelihood-probability=\"likely\""
],
"type": "similar"
},
{
"dest-uuid": "e8b4e1ec-8e3b-484c-9038-4459b1ed8060",
"tags": [
"estimative-language:likelihood-probability=\"almost-certain\""
],
"type": "uses"
}
],
"uuid": "da21929e-40c0-443d-bdf4-6b60d15448b4",
"value": "Xbot - MOB-S0014"
}
],
"version": 6
}