Register to stream ATT&CKcon 2.0 October 29-30


XLoader is a malicious Android app that was observed targeting Japan, Korea, China, Taiwan, and Hong Kong in 2018. [1]

ID: S0318
Platforms: Android
Version: 1.1

Techniques Used

Domain ID Name Use
Mobile T1401 Abuse Device Administrator Access to Prevent Removal XLoader requests Android Device Administrator access. [1]
Mobile T1412 Capture SMS Messages XLoader collects SMS messages. [1]
Mobile T1429 Microphone or Camera Recordings XLoader covertly records phone calls. [1]
Mobile T1406 Obfuscated Files or Information XLoader loads an encrypted DEX code payload. [1]