RuMMS is an Android malware family. [1]

ID: S0313
Platforms: Android
Version: 1.1
Created: 25 October 2017
Last Modified: 11 December 2018

Techniques Used

Domain ID Name Use
Mobile T1412 Capture SMS Messages

RuMMS uploads incoming SMS messages to a remote command and control server.[1]

Mobile T1476 Deliver Malicious App via Other Means

RuMMS is delivered via an SMS message containing a link to an APK (Android application package).[1]

Mobile T1437 Standard Application Layer Protocol

RuMMS uses HTTP for command and control.[1]

Mobile T1426 System Information Discovery

RuMMS gathers device model and operating system version information and transmits it to a command and control server.[1]

Mobile T1422 System Network Configuration Discovery

RuMMS gathers the device phone number and IMEI and transmits them to a command and control server.[1]