JUST RELEASED: ATT&CK for Industrial Control Systems

SOFTWARE

Android/Chuli.A

ANDROIDOS_ANSERVER.A

AutoIt backdoor

Backdoor.Oldrea

Exaramel for Linux

Exaramel for Windows

Hacking Team UEFI Rootkit

Olympic Destroyer

OSX_OCEANLOTUS.D

Pass-The-Hash Toolkit

Pegasus for Android

Pegasus for iOS

Trojan-SMS.AndroidOS.Agent.ao

Trojan-SMS.AndroidOS.FakeInst.a

Trojan-SMS.AndroidOS.OpFake.a

Trojan.Karagany

Windows Credential Editor

X-Agent for Android

SOFTWARE

1-9

A-B

Android/Chuli.A

ANDROIDOS_ANSERVER.A

AutoIt backdoor

Backdoor.Oldrea

C-D

E-F

Exaramel for Linux

Exaramel for Windows

G-H

Hacking Team UEFI Rootkit

I-J

K-L

M-N

O-P

Olympic Destroyer

OSX_OCEANLOTUS.D

Pass-The-Hash Toolkit

Pegasus for Android

Pegasus for iOS

Q-R

S-T

Trojan-SMS.AndroidOS.Agent.ao

Trojan-SMS.AndroidOS.FakeInst.a

Trojan-SMS.AndroidOS.OpFake.a

Trojan.Karagany

U-V

W-X

Windows Credential Editor

X-Agent for Android

Y-Z

YiSpecter

YiSpecter iOS malware that affects both jailbroken and non-jailbroken iOS devices. It is also unique because it abuses private APIs in the iOS system to implement functionality. ^[1]

ID: S0311

Type: MALWARE

Platforms: iOS

Version: 1.1

Created: 25 October 2017

Last Modified: 11 December 2018

Techniques Used

Domain	ID	Name	Use
Mobile	T1476	Deliver Malicious App via Other Means	YiSpecter's malicious apps were signed with iOS enterprise certificates issued by Apple to allow the apps to be installed as enterprise apps on non-jailbroken iOS devices.^[1]

References

Claud Xiao. (2015, October 4). YiSpecter: First iOS Malware That Attacks Non-jailbroken Apple iOS Devices by Abusing Private APIs. Retrieved January 20, 2017.