Check out the results from our first round of ATT&CK Evaluations at attackevals.mitre.org!

DroidJack

DroidJack RAT is an Android remote access tool that has been observed posing as legitimate applications including the Super Mario Run and Pokemon GO games. [1] [2]

ID: S0320
Aliases: DroidJack
Type: MALWARE
Platforms: Android

Version: 1.1

Alias Descriptions

NameDescription
DroidJack[1] [2]

Techniques Used

DomainIDNameUse
MobileT1433Access Call LogDroidJack RAT captures call data.[1]
MobileT1412Capture SMS MessagesDroidJack RAT captures SMS data.[1]
MobileT1429Microphone or Camera RecordingsDroidJack RAT performs call recording and video capturing.[1]
MobileT1444Repackaged ApplicationDroidJack RAT included code from the legitimate Pokemon GO app in order to appear identical to the user, but it also included additional malicious code.[2]

References