Location Tracking (T1430)

View on ATT&CK

In Playbook

Technique & Subtechniques

Associated Tactics

  • Collection
  • Discovery

Collection (TA0035)

The adversary is trying to gather data of interest to their goal. Collection consists of techniques used to identify and gather information, such as sensitive files, from a target network prior to exfiltration. This category also covers locations on a system or network where the adversary may look for information to exfiltrate.

View on ATT&CK

Procedure Examples

Description Source(s)
A. Hinchliffe, M. Harbison, J. Miller-Osborn, et al. (2018, March 13). HenBox: The Chickens Come Home to Roost. Retrieved September 9, 2019. Palo Alto HenBox
Android Developers. (2022, March 24). Request Location Permissions. Retrieved April 1, 2022. Android Request Location Permissions
Apple Developers. (n.d.). Requesting Authorization for Location Services. Retrieved April 1, 2022. Apple Requesting Authorization for Location Services
I. Beer. (2019, August 29). Implant Teardown. Retrieved June 2, 2020. Google Project Zero Insomnia
Wenjun Hu, Cong Zheng and Zhi Xu. (2017, July 6). SpyDealer: Android Trojan Spying on More Than 40 Apps. Retrieved September 18, 2018. PaloAlto-SpyDealer
NIST Mobile Threat Catalogue