SOFTWARE
Arp
at
cmd
Dok
FTP
Net
Orz
Reg
RTM
Tor
yty
SOFTWARE
1-9
A-B
Arp
at
C-D
cmd
Dok
E-F
FTP
G-H
I-J
K-L
M-N
Net
O-P
Orz
Q-R
Reg
RTM
S-T
Tor
U-V
W-X
Y-Z
yty
  1. Home
  2. Software
  3. DroidJack

DroidJack

DroidJack is an Android remote access tool that has been observed posing as legitimate applications including the Super Mario Run and Pokemon GO games. [1] [2]

ID: S0320
Type: MALWARE
Platforms: Android
Version: 1.2
Mobile Layer
download view

Techniques Used

Domain ID Name Use
Mobile T1433 Access Call Log

DroidJack captures call data.[1]
Mobile T1429 Capture Audio

DroidJack is capable of recording device phone calls.[1]
Mobile T1512 Capture Camera

DroidJack can capture video using device cameras.[1]
Mobile T1412 Capture SMS Messages

DroidJack captures SMS data.[1]
Mobile T1444 Masquerade as Legitimate Application

DroidJack included code from the legitimate Pokemon GO app in order to appear identical to the user, but it also included additional malicious code.[2]

References

  1. Viral Gandhi. (2017, January 12). Super Mario Run Malware #2 – DroidJack RAT. Retrieved January 20, 2017.
  1. Proofpoint. (2016, July 7). DroidJack Uses Side-Load…It's Super Effective! Backdoored Pokemon GO Android App Found. Retrieved January 20, 2017.