SOFTWARE
SOFTWARE
A-B
C-D
E-F
G-H
I-J
K-L
M-N
O-P
Q-R
S-T
U-V
W-X
Xbot
Xbot is an Android malware family that was observed in 2016 primarily targeting Android users in Russia and Australia. [1]
ID: S0298
Type: TOOL
Platforms: Android
Version: 1.1
Created: 25 October 2017
Last Modified: 11 December 2018
Techniques Used
Domain | ID | Name | Use | |
---|---|---|---|---|
Mobile | T1412 | Capture SMS Messages |
Xbot steals all SMS message and contact information as well as intercepts and parses certain SMS messages.[1] |
|
Mobile | T1471 | Data Encrypted for Impact |
Xbot can encrypt the victim's files in external storage (e.g., SD card) and then request a PayPal cash card as ransom.[1] |
|
Mobile | T1446 | Device Lockout |
Xbot can remotely lock infected Android devices and ask for a ransom.[1] |
|
Mobile | T1411 | Input Prompt |
Xbot uses phishing pages mimicking Google Play's payment interface as well as bank login pages.[1] |
References
×