S0294 ShiftyBug
ShiftyBug is an auto-rooting adware family of malware for Android. The family is very similar to the other Android families known as Shedun, Shuanet, Kemoge, though it is not believed all the families were created by the same group. 1
| Item | Value |
|---|---|
| ID | S0294 |
| Associated Names | |
| Type | MALWARE |
| Version | 1.1 |
| Created | 25 October 2017 |
| Last Modified | 11 December 2018 |
| Navigation Layer | View In ATT&CK® Navigator |
Techniques Used
| Domain | ID | Name | Use |
|---|---|---|---|
| mobile | T1404 | Exploit OS Vulnerability | ShiftyBug is packed with at least eight publicly available exploits that can perform rooting.1 |
| mobile | T1400 | Modify System Partition | ShiftyBug is auto-rooting adware that embeds itself as a system application, making it nearly impossible to remove.1 |