Capture Clipboard Data

A malicious app or other attack vector could capture sensitive data stored in the device clipboard, for example passwords being copy-and-pasted from a password manager app.

ID: T1414

Tactic Type:  Post-Adversary Device Access

Tactic: Collection, Credential Access

Platform:  Android, iOS

MTC ID:  APP-35

Version: 1.0

Mitigations

MitigationDescription
Application Vetting

Examples

NameDescription
RCSAndroid

RCSAndroid can monitor clipboard content.[1]

XcodeGhost

XcodeGhost can read and write data in the user’s clipboard.[2]

References