
Tangelo

Tangelo is iOS malware that is believed to be from the same developers as the Stealth Mango Android malware. It is not a mobile application, but rather a Debian package that can only run on jailbroken iOS devices. [1]

ID: S0329
Type: MALWARE
Platforms: iOS
Version: 1.1

Techniques Used

| Domain | ID | Name | Use |
|--------|----|------|-----|
| Mobile | T1433 | Access Call Log | Tangelo contains functionality to gather call logs. [1] |
| Mobile | T1409 | Access Sensitive Data or Credentials in Files | Tangelo accesses databases from WhatsApp, Viber, Skype, and Line. It also accesses browser history, pictures, and videos. [1] |
| Mobile | T1412 | Capture SMS Messages | Tangelo contains functionality to gather SMS messages. [1] |
| Mobile | T1430 | Location Tracking | Tangelo contains functionality to gather GPS coordinates. [1] |
| Mobile | T1429 | Microphone or Camera Recordings | Tangelo contains functionality to record calls as well as the victim device's environment. [1] |
| Mobile | T1422 | System Network Configuration Discovery | Tangelo contains functionality to gather cellular IDs. [1] |

References