JUST RELEASED: ATT&CK for Industrial Control Systems
SOFTWARE
SOFTWARE
1-9
A-B
C-D
E-F
G-H
I-J
K-L
M-N
O-P
Q-R
S-T
U-V
W-X
Y-Z
  1. Home
  2. Software
  3. DroidJack

DroidJack

DroidJack is an Android remote access tool that has been observed posing as legitimate applications including the Super Mario Run and Pokemon GO games. [1] [2]

ID: S0320
Type: MALWARE
Platforms: Android
Version: 1.2
Created: 25 October 2017
Last Modified: 09 August 2019
Mobile Layer
download view

Techniques Used

Domain ID Name Use
Mobile T1433 Access Call Log

DroidJack captures call data.[1]
Mobile T1429 Capture Audio

DroidJack is capable of recording device phone calls.[1]
Mobile T1512 Capture Camera

DroidJack can capture video using device cameras.[1]
Mobile T1412 Capture SMS Messages

DroidJack captures SMS data.[1]
Mobile T1444 Masquerade as Legitimate Application

DroidJack included code from the legitimate Pokemon GO app in order to appear identical to the user, but it also included additional malicious code.[2]

References

  1. Viral Gandhi. (2017, January 12). Super Mario Run Malware #2 – DroidJack RAT. Retrieved January 20, 2017.
  1. Proofpoint. (2016, July 7). DroidJack Uses Side-Load…It's Super Effective! Backdoored Pokemon GO Android App Found. Retrieved January 20, 2017.