Deliver Malicious App via Authorized App Store (T1475)

View on ATT&CK

In Playbook

Technique & Subtechniques

  • Deliver Malicious App via Authorized App Store

Associated Tactics

  • Initial Access

Initial Access (TA0027)

The adversary is trying to get into your device. The initial access tactic represents the vectors adversaries use to gain an initial foothold onto a mobile device.

View on ATT&CK

Procedure Examples

Description Source(s)
Jon Oberheide and Charlie Miller. (2012). Dissecting the Android Bouncer. Retrieved December 12, 2016. Oberheide-Bouncer
Jon Oberheide. (2010, June 25). Remote Kill and Install on Google Android. Retrieved December 12, 2016. Oberheide-RemoteInstall
Nicholas J. Percoco and Sean Schulte. (2012). Adventures in BouncerLand. Retrieved December 12, 2016. Percoco-Bouncer
Radhesh Krishnan Konoth, Victor van der Veen, and Herbert Bos. (n.d.). How Anywhere Computing Just Killed Your Phone-Based Two-Factor Authentication. Retrieved December 12, 2016. Konoth
Thanasis Petsas, Giannis Voyatzis, Elias Athanasopoulos, Michalis Polychronakis, Sotiris Ioannidis. (2014, April). Rage Against the Virtual Machine: Hindering Dynamic Analysis of Android Malware. Retrieved December 12, 2016. Petsas
Tielei Wang, Kangjie Lu, Long Lu, Simon Chung, and Wenke Lee. (2013, August). Jekyll on iOS: When Benign Apps Become Evil. Retrieved December 9, 2016. Wang
NIST Mobile Threat Catalogue
NIST Mobile Threat Catalogue
NIST Mobile Threat Catalogue
NIST Mobile Threat Catalogue
NIST Mobile Threat Catalogue
NIST Mobile Threat Catalogue