Common Information
Type Value
Value Keylogging - T1417.001
Category Attack-Pattern
Type Mitre-Attack-Pattern
Misp Type Cluster
Description Adversaries may log user keystrokes to intercept credentials or other information from the user as the user types them. Some methods of keylogging include:

* Masquerading as a legitimate third-party keyboard to record user keystrokes.(Citation: Zeltser-Keyboard) On both Android and iOS, users must explicitly authorize the use of third-party keyboard apps. Users should be advised to use extreme caution before granting this authorization when it is requested.
* Abusing accessibility features. On Android, adversaries may abuse accessibility features to record keystrokes by registering an `AccessibilityService` class, overriding the `onAccessibilityEvent` method, and listening for the `AccessibilityEvent.TYPE_VIEW_TEXT_CHANGED` event type. The event object passed into the function will contain the data that the user typed.
* Additional methods of keylogging may be possible if root access is available.
Details Published Attributes CTI Title
Details Website 2024-11-04 38 Monthly Threat Actor Group Intelligence Report, September 2024 (KOR) – Red Alert
Details Website 2024-11-04 24 From Pyongyang to Your Payroll: The Rise of North Korean Remote Workers in the West
Details Website 2024-11-04 4 Recent Keylogger Attributed to North Korean Group Andariel Analyzed Through A Hybrid Analysis Perspective
Details Website 2024-11-03 0 Hardware Security — Protecting Against Side-Channel and Fault Injection Attacks
Details Website 2024-11-03 1 October 2024 Threat Trend Report on APT Attacks (South Korea) - ASEC
Details Website 2024-11-01 62 Weekly Intelligence Report - 01 Nov 2024 | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting
Details Website 2024-10-30 154 Rat King: How the Android Trojan CraxsRAT Steals User Data | F.A.C.C.T. Blog
Details Website 2024-10-30 1 New PySilon RAT Abusing Discord Platform to Maintain Persistence
Details Website 2024-10-29 28 Monthly Threat Actor Group Intelligence Report, August 2024 (ENG) – Red Alert
Details Website 2024-10-28 2 Russian Espionage Group Targets Ukrainian Military with Malware via Telegram
Details Website 2024-10-28 2 Russian Espionage Group Targets Ukrainian Military with Malware via Telegram - RedPacket Security
Details Website 2024-10-28 0 LoyLap Database Leak, New Jason RAT, and Supercell Exploit for Sale on Dark Web - SOCRadar® Cyber Intelligence Inc.
Details Website 2024-10-28 2 LoyLap Database Leak, New Jason RAT, and Supercell Exploit for Sale on Dark Web
Details Website 2024-10-24 1 Cerberus Malware: Understanding the Evolving Android Banking Trojan and the ErrorFather Campaign
Details Website 2024-10-24 4 Intelligence Insights: October 2024
Details Website 2024-10-22 0 RAT Malware Operating via Discord Bot - ASEC
Details Website 2024-10-22 1 I “Has” Cybersecurity: Secure Boot vs Full Disk Encryption
Details Website 2024-10-21 902 RST TI Report Digest: 21 Oct 2024
Details Website 2024-10-20 0 AI Conversations Exposed: The Token Length Vulnerability in ChatGPT, Copilot, and More
Details Website 2024-10-19 1 Firejail: Your First Line of Defense for Linux Application Security
Details Website 2024-10-19 0 10 Smallest Hacker Gadgets and Their Ethical Uses in Penetration Testing
Details Website 2024-10-19 0 Multi-Factor Authentication: Your Digital Security Superhero
Details Website 2024-10-18 44 Weekly Intelligence Report - 18 Oct 2024 | #ransomware | #cybercrime | National Cyber Security Consulting
Details Website 2024-10-16 5 Cyber Briefing: 2024.10.16
Details Website 2024-10-16 7 Malicious ads exploited Internet Explorer zero day to drop malware