System Information Discovery
An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, and architecture.
On Android, much of this information is programmatically accessible to applications through the android.os.Build class.
On iOS, techniques exist for applications to programmatically access this information.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.
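Because these reads cannot be blocked, app vetting is the practical place to look for them. The following is an added example, not code from the original page: it scans decompiled smali for static reads of android.os.Build and Build.VERSION fields and lists classes that read several of them. The smali sample, the class names, the threshold, and the assumption that an SDK_INT read alone is a routine compatibility check are all constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed smali sample (not taken from any real app).
SAMPLE_SMALI = r"""
.class public Lcom/example/app/Compat;
.method public static isModern()Z
    sget v0, Landroid/os/Build$VERSION;->SDK_INT:I
.end method

.class public Lcom/example/app/Telemetry;
.method public collect()Ljava/lang/String;
    sget-object v0, Landroid/os/Build;->MANUFACTURER:Ljava/lang/String;
    sget-object v1, Landroid/os/Build;->MODEL:Ljava/lang/String;
    sget-object v2, Landroid/os/Build;->FINGERPRINT:Ljava/lang/String;
    sget-object v3, Landroid/os/Build$VERSION;->RELEASE:Ljava/lang/String;
    sget-object v4, Landroid/os/Build$VERSION;->SECURITY_PATCH:Ljava/lang/String;
.end method
"""

CLASS_RE = re.compile(r"^\.class\s+.*?(L[\w/$]+;)\s*$")
# Static field reads of android.os.Build or its nested VERSION class.
BUILD_RE = re.compile(
    r"\bsget(?:-\w+)?\s+\w+,\s*Landroid/os/(Build(?:\$VERSION)?);->(\w+):")

# Assumption: an SDK_INT read on its own is an ordinary compatibility test.
COMPAT_ONLY = {"Build$VERSION.SDK_INT"}

def build_reads(smali_text):
    """Map each class descriptor to the set of Build fields it reads."""
    reads = defaultdict(set)
    current = None
    for line in smali_text.splitlines():
        line = line.strip()
        m = CLASS_RE.match(line)
        if m:
            current = m.group(1)
            continue
        m = BUILD_RE.search(line)
        if m and current:
            reads[current].add(f"{m.group(1)}.{m.group(2)}")
    return dict(reads)

def profiling_candidates(reads, threshold=3):
    """Classes reading at least `threshold` distinct non-compat Build fields."""
    return sorted(cls for cls, fields in reads.items()
                  if len(fields - COMPAT_ONLY) >= threshold)
```

Many legitimate apps read these fields, so the output is a triage list for a reviewer rather than a verdict.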
|Pegasus for iOS|