Tangelo

Tangelo is iOS malware that is believed to be from the same developers as the Stealth Mango Android malware. It is not a mobile application, but rather a Debian package that can only run on jailbroken iOS devices. [1]

ID: S0329
Type: MALWARE
Platforms: iOS
Version: 1.1

Techniques Used

| Domain | ID | Name | Use |
|--------|-------|------|-----|
| Mobile | T1433 | Access Call Log | Tangelo contains functionality to gather call logs.[1] |
| Mobile | T1409 | Access Sensitive Data or Credentials in Files | Tangelo accesses databases from WhatsApp, Viber, Skype, and Line. It also accesses browser history, pictures, and videos.[1] |
| Mobile | T1412 | Capture SMS Messages | Tangelo contains functionality to gather SMS messages.[1] |
| Mobile | T1430 | Location Tracking | Tangelo contains functionality to gather GPS coordinates.[1] |
| Mobile | T1429 | Microphone or Camera Recordings | Tangelo contains functionality to record calls as well as the victim device's environment.[1] |
| Mobile | T1422 | System Network Configuration Discovery | Tangelo contains functionality to gather cellular IDs.[1] |

References