Code Injection (T1540)

View on ATT&CK

In Playbook

Technique & Subtechniques

  • Code Injection

Associated Tactics

  • Persistence
  • Privilege Escalation
  • Defense Evasion

Persistence (TA0028)

The adversary is trying to maintain their foothold. Persistence is any access, action, or configuration change to a mobile device that gives an attacker a persistent presence on the device. Attackers often will need to maintain access to mobile devices through interruptions such as device reboots and potentially even factory data resets.

View on ATT&CK

Procedure Examples

Description Source(s)
Alexandr Fadeev. (2018, August 26). Shared Library Injection on Android 8.0. Retrieved October 30, 2019. Fadeev Code Injection Aug 2018
Lukasz Siewierski. (2019, June 6). PHA Family Highlights: Triada. Retrieved July 16, 2019. Google Triada June 2019
Shunix . (2016, March 22). Shared Library Injection in Android. Retrieved October 30, 2019. Shunix Code Injection Mar 2016