Tangelo

Tangelo is iOS malware that is believed to be from the same developers as the Stealth Mango Android malware. It is not a mobile application, but rather a Debian package that can only run on jailbroken iOS devices. [1]

ID: S0329
Type: MALWARE
Platforms: iOS

Version: 1.1

Techniques Used

| Domain | ID | Name | Use |
|---|---|---|---|
| Mobile | T1433 | Access Call Log | Tangelo contains functionality to gather call logs.[1] |
| Mobile | T1409 | Access Sensitive Data or Credentials in Files | Tangelo accesses databases from WhatsApp, Viber, Skype, and Line. It also accesses browser history, pictures, and videos.[1] |
| Mobile | T1412 | Capture SMS Messages | Tangelo contains functionality to gather SMS messages.[1] |
| Mobile | T1430 | Location Tracking | Tangelo contains functionality to gather GPS coordinates.[1] |
| Mobile | T1429 | Microphone or Camera Recordings | Tangelo contains functionality to record calls as well as the victim device's environment.[1] |
| Mobile | T1422 | System Network Configuration Discovery | Tangelo contains functionality to gather cellular IDs.[1] |

References