Skip to content

S0294 ShiftyBug

ShiftyBug is an auto-rooting adware family of malware for Android. The family is very similar to the other Android families known as Shedun, Shuanet, Kemoge, though it is not believed all the families were created by the same group. 1

Item Value
ID S0294
Associated Names
Version 1.1
Created 25 October 2017
Last Modified 11 December 2018
Navigation Layer View In ATT&CK® Navigator

Techniques Used

Domain ID Name Use
mobile T1404 Exploit OS Vulnerability ShiftyBug is packed with at least eight publicly available exploits that can perform rooting.1
mobile T1400 Modify System Partition ShiftyBug is auto-rooting adware that embeds itself as a system application, making it nearly impossible to remove.1


Back to top