

Software is a generic term for custom or commercial code, operating system utilities, open-source software, or other tools used to conduct behavior modeled in ATT&CK. Some instances of software have multiple names associated with the same instance due to various organizations tracking the same set of software by different names. The team makes a best effort to track overlaps between names based on publicly reported associations, which are designated as “Associated Software” on each page (formerly labeled “Aliases”), because we believe these overlaps are useful for analyst awareness.

Software entries include publicly reported technique use or capability to use a technique and may be mapped to Groups who have been reported to use that Software. The information provided does not represent all possible technique use by a piece of Software, but rather a subset that is available solely through open source reporting.

Tool - Commercial, open-source, built-in, or publicly available software that could be used by a defender, pen tester, red teamer, or an adversary. This category includes both software that generally is not found on an enterprise system as well as software generally available as part of an operating system that is already present in an environment. Examples include PsExec, Metasploit, Mimikatz, as well as Windows utilities such as Net, netstat, Tasklist, etc.

Examples include PlugX, CHOPSTICK, etc.

3PARA RAT is a remote access tool (RAT) programmed in C++ that has been used by Putter Panda.

4H RAT is malware that has been used by Putter Panda since at least 2007.

AADInternals is a PowerShell-based framework for administering, enumerating, and exploiting Azure Active Directory. The tool is publicly available on GitHub.

ABK is a downloader that has been used by BRONZE BUTLER since at least 2019.

AbstractEmu is mobile malware that was first seen in Google Play and other third-party stores in October 2021. It was discovered in 19 Android applications, of which at least 7 abused known Android exploits for obtaining root permissions. AbstractEmu was observed primarily impacting users in the United States, however victims are believed to be across a total of 17 countries.

ACAD/Medre.A is a worm that steals operational information. The worm collects AutoCAD files with drawings. ACAD/Medre.A has the capability to be used for industrial espionage.

Action RAT is a remote access tool written in Delphi that has been used by SideCopy since at least December 2021 against Indian and Afghani government personnel.

Adbupd is a backdoor used by PLATINUM that is similar to Dipsind.

AdFind is a free command-line query tool that can be used for gathering information from Active Directory.

Adups is software that was pre-installed onto Android devices, including those made by BLU Products. The software was reportedly designed to help a Chinese phone manufacturer monitor user behavior, transferring sensitive data to a Chinese server.

ADVSTORESHELL is a spying backdoor that has been used by APT28 from at least 2012 to 2016. It is generally used for long-term espionage and is deployed on targets deemed interesting after a reconnaissance phase.

Agent Smith is mobile malware that generates financial gain by replacing legitimate applications on devices with malicious versions that include fraudulent ads. As of July 2019 Agent Smith had infected around 25 million devices, primarily targeting India though effects had been observed in other Asian countries as well as Saudi Arabia, the United Kingdom, and the United States.

Agent Tesla is a spyware Trojan written for the .NET framework that has been observed since at least 2014.

Agent.btz is a worm that primarily spreads itself via removable devices such as USB drives. military networks in 2008.

Allwinner is a company that supplies processors used in Android tablets and other devices. A Linux kernel distributed by Allwinner for use on these devices reportedly contained a backdoor.

Amadey is a Trojan bot that has been used since at least October 2018.

Anchor is one of a family of backdoor malware that has been used in conjunction with TrickBot on selected high profile targets since at least 2018.

Android/AdDisplay.Ashas is a variant of adware that has been distributed through multiple apps in the Google Play Store.

Android/Chuli.A is Android malware that was delivered to activist groups via a spearphishing email with an attachment.

AndroidOS/MalLocker.B is a variant of a ransomware family targeting Android devices.
