Common Information
Type | Value |
---|---|
Value | Keylogging - T1417.001 |
Category | Attack-Pattern |
Type | Mitre-Attack-Pattern |
Misp Type | Cluster |
Description | Adversaries may log user keystrokes to intercept credentials or other information from the user as the user types them. Some methods of keylogging include: * Masquerading as a legitimate third-party keyboard to record user keystrokes.(Citation: Zeltser-Keyboard) On both Android and iOS, users must explicitly authorize the use of third-party keyboard apps. Users should be advised to use extreme caution before granting this authorization when it is requested. * Abusing accessibility features. On Android, adversaries may abuse accessibility features to record keystrokes by registering an `AccessibilityService` class, overriding the `onAccessibilityEvent` method, and listening for the `AccessibilityEvent.TYPE_VIEW_TEXT_CHANGED` event type. The event object passed into the function will contain the data that the user typed. * Additional methods of keylogging may be possible if root access is available. |
Type | Published | Attributes | Title |
---|---|---|---|
Website | 2024-11-16 | 6 | Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations - CyberSRC |
Website | 2024-11-14 | 13 | A Comprehensive Malware Analysis: Deobfuscating and Analyzing a Captive ReCAPTCHA Attack |
Website | 2024-11-14 | 51 | Malware Spotlight: A Deep-Dive Analysis of WezRat |
Website | 2024-11-14 | 49 | Malware Spotlight: A Deep-Dive Analysis of WezRat - Check Point Research |
Website | 2024-11-14 | 1 | Spotlight on Iranian Cyber Group Emennet Pasargad’s Malware - Check Point Blog |
Website | 2024-11-13 | 55 | HawkEye Malware: Technical Analysis |
Website | 2024-11-13 | 55 | HawkEye Malware: Technical Analysis - ANY.RUN's Cybersecurity Blog |
Website | 2024-11-13 | 0 | Authentication Vulnerabilities |
Website | 2024-11-13 | 55 | HawkEye \| PredatorPain |
Website | 2024-11-11 | 4 | New Remcos RAT Variant Targets Windows Users Via Phishing |
Website | 2024-11-11 | 3 | Cyber Briefing: 2024.11.11 |
Website | 2024-11-11 | 2 | Researchers Detailed Credential Abuse Cycle |
Website | 2024-11-11 | 0 | Wat is malware? |
Website | 2024-11-10 | 6 | Recent Keylogger Attributed to North Korean Group Andariel Analyzed Through A Hybrid Analysis Perspective \| CTF导航 |
Website | 2024-11-08 | 3 | How to Create Your Own Website Vulnerability Scanner |
Website | 2024-11-08 | 2 | Metasploit Guide :- Main weapon of Hackers |
Website | 2024-11-07 | 63 | Weekly Intelligence Report - 08 Nov 2024 \| #ransomware \| #cybercrime \| National Cyber Security Consulting |
Website | 2024-11-07 | 4 | Essential Terms for Cybersecurity Conversations: Security and Key Tech Lingo A-Z |
Website | 2024-11-07 | 0 | Using Human Risk Management to Detect and Thwart Cyberattacks - Cybersecurity Insiders |
Website | 2024-11-07 | 19 | CrowdStrike’s work with the Democratic National Committee: Setting the record straight |
Website | 2024-11-07 | 21 | Big Game Hunting: The Evolution of INDRIK SPIDER From Dridex Wire Fraud to BitPaymer Targeted Ransomware |
Website | 2024-11-06 | 44 | GodFather Malware Targets 500 Banking & Crypto Apps Worldwide |
Website | 2024-11-05 | 4 | The Credential Abuse Cycle: Theft, Trade, and Exploitation - ReliaQuest |
Website | 2024-11-05 | 0 | Explosive Leaks! LoyLap and Grayscale Under Attack: New Threats on the Dark Web |
Website | 2024-11-04 | 38 | Monthly Threat Actor Group Intelligence Report, September 2024 (KOR) |