Skip to content

S0320 DroidJack

DroidJack is an Android remote access tool that has been observed posing as legitimate applications including the Super Mario Run and Pokemon GO games. 1 2

Item Value
ID S0320
Associated Names
Type MALWARE
Version 1.2
Created 25 October 2017
Last Modified 09 August 2019
Navigation Layer View In ATT&CK® Navigator

Techniques Used

Domain ID Name Use
mobile T1433 Access Call Log DroidJack captures call data.1
mobile T1429 Capture Audio DroidJack is capable of recording device phone calls.1
mobile T1512 Capture Camera DroidJack can capture video using device cameras.1
mobile T1412 Capture SMS Messages DroidJack captures SMS data.1
mobile T1444 Masquerade as Legitimate Application DroidJack included code from the legitimate Pokemon GO app in order to appear identical to the user, but it also included additional malicious code.2

References

Back to top