Skip to content

S0490 XLoader for iOS

XLoader for iOS is a malicious iOS application that is capable of gathering system information.1 It is tracked separately from the XLoader for Android.

Item Value
ID S0490
Associated Names
Version 1.0
Created 20 July 2020
Last Modified 16 October 2020
Navigation Layer View In ATT&CK® Navigator

Techniques Used

Domain ID Name Use
mobile T1476 Deliver Malicious App via Other Means XLoader for Android has been distributed via phishing SMS messages, which link to a malicious website hosting a device profile.1
mobile T1478 Install Insecure or Malicious Configuration XLoader for iOS has been installed via a malicious configuration profile.1
mobile T1437 Standard Application Layer Protocol XLoader for iOS has exfiltrated data using HTTP requests.1
mobile T1426 System Information Discovery XLoader for iOS can obtain the device’s UDID, version number, and product number.1
mobile T1422 System Network Configuration Discovery XLoader for iOS can obtain the device’s IMEM, ICCID, and MEID.1


Back to top