Skip to content

S0320 DroidJack

DroidJack is an Android remote access tool that has been observed posing as legitimate applications including the Super Mario Run and Pokemon GO games. 2 1

Item Value
ID S0320
Associated Names
Type MALWARE
Version 1.2
Created 25 October 2017
Last Modified 20 May 2022
Navigation Layer View In ATT&CK® Navigator

Techniques Used

Domain ID Name Use
mobile T1429 Audio Capture DroidJack is capable of recording device phone calls.2
mobile T1636 Protected User Data -
mobile T1636.002 Call Log DroidJack captures call data.2
mobile T1636.004 SMS Messages DroidJack captures SMS data.2
mobile T1512 Video Capture DroidJack can capture video using device cameras.2

References

  1. Proofpoint. (2016, July 7). DroidJack Uses Side-Load…It’s Super Effective! Backdoored Pokemon GO Android App Found. Retrieved January 20, 2017. 

  2. Viral Gandhi. (2017, January 12). Super Mario Run Malware #2 – DroidJack RAT. Retrieved January 20, 2017.