Skip to content

S0313 RuMMS

RuMMS is an Android malware family. 1

Item Value
ID S0313
Associated Names
Type MALWARE
Version 1.1
Created 25 October 2017
Last Modified 11 December 2018
Navigation Layer View In ATT&CK® Navigator

Techniques Used

Domain ID Name Use
mobile T1412 Capture SMS Messages RuMMS uploads incoming SMS messages to a remote command and control server.1
mobile T1476 Deliver Malicious App via Other Means RuMMS is delivered via an SMS message containing a link to an APK (Android application package).1
mobile T1437 Standard Application Layer Protocol RuMMS uses HTTP for command and control.1
mobile T1426 System Information Discovery RuMMS gathers device model and operating system version information and transmits it to a command and control server.1
mobile T1422 System Network Configuration Discovery RuMMS gathers the device phone number and IMEI and transmits them to a command and control server.1

References

  1. Wu Zhou, Deyu Hu, Jimmy Su, Yong Kang. (2016, April 26). RUMMS: THE LATEST FAMILY OF ANDROID MALWARE ATTACKING USERS IN RUSSIA VIA SMS PHISHING. Retrieved February 6, 2017. 

Back to top