Common Information
Type | Value |
---|---|
Value | Keylogging - T1417.001 |
Category | Attack-Pattern |
Type | Mitre-Attack-Pattern |
Misp Type | Cluster |
Description | Adversaries may log user keystrokes to intercept credentials or other information from the user as the user types them. Some methods of keylogging include: * Masquerading as a legitimate third-party keyboard to record user keystrokes.(Citation: Zeltser-Keyboard) On both Android and iOS, users must explicitly authorize the use of third-party keyboard apps. Users should be advised to use extreme caution before granting this authorization when it is requested. * Abusing accessibility features. On Android, adversaries may abuse accessibility features to record keystrokes by registering an `AccessibilityService` class, overriding the `onAccessibilityEvent` method, and listening for the `AccessibilityEvent.TYPE_VIEW_TEXT_CHANGED` event type. The event object passed into the function will contain the data that the user typed. * Additional methods of keylogging may be possible if root access is available. |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2024-07-31 | 78 | Analysis of the Konni APT Campaign's AutoIt-Based Defense Evasion Tactics | ||
Details | Website | 2024-07-30 | 22 | Monthly Threat Actor Group Intelligence Report, June 2024 (KOR) – Red Alert | ||
Details | Website | 2024-07-30 | 49 | UNC4393 Goes Gently into the SILENTNIGHT | Google Cloud Blog | ||
Details | Website | 2024-07-25 | 33 | Onyx Sleet uses array of malware to gather intelligence for North Korea | Microsoft Security Blog | ||
Details | Website | 2024-07-25 | 59 | How APT groups operate in Southeast Asia | ||
Details | Website | 2024-07-15 | 22 | This Meeting Should Have Been an Email | ||
Details | Website | 2024-07-12 | 0 | RAT Catchers - What are We Up Against? - Packt SecPro | ||
Details | Website | 2024-06-25 | 47 | How to detect the modular RAT CSHARP-STREAMER | ||
Details | Website | 2024-06-24 | 1 | What Is Open Source Intelligence (OSINT)? | ||
Details | Website | 2024-06-19 | 172 | Behind the Great Wall Void Arachne Targets Chinese-Speaking Users With the Winos 4.0 CC Framework | ||
Details | Website | 2024-06-13 | 89 | Arid Viper poisons Android apps with AridSpy | ||
Details | Website | 2024-06-05 | 13 | Cybersecurity threatscape: Q1 2024 | ||
Details | Website | 2024-06-03 | 16 | Unveiling Sharp Panda’s New Loader – Securite360 | ||
Details | Website | 2024-05-30 | 11 | Protecting your devices from information theft — Elastic Security Labs | ||
Details | Website | 2024-05-28 | 1 | Threats of the Week: Black Basta, Scattered Spider, and FIN7 Malvertising | ||
Details | Website | 2024-05-16 | 11 | Security Brief: Artificial Sweetener: SugarGh0st RAT Used to Target American Artificial Intelligence Experts | Proofpoint US | ||
Details | Website | 2024-05-03 | 5 | Dissecting REMCOS RAT: An in-depth analysis of a widespread 2024 malware, Part Three — Elastic Security Labs | ||
Details | Website | 2024-04-30 | 6 | Dissecting REMCOS RAT: An in-depth analysis of a widespread 2024 malware, Part Two — Elastic Security Labs | ||
Details | Website | 2024-04-22 | 43 | Nazar: A Lost Amulet — The Lost Reports | ||
Details | Website | 2024-03-28 | 62 | Android Malware Vultur Expands Its Wingspan | ||
Details | Website | 2024-03-16 | 24 | The GlorySprout or a Failed Clone of Taurus Stealer – RussianPanda Research Blog | ||
Details | Website | 2024-03-13 | 41 | CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign | ||
Details | Website | 2024-03-13 | 37 | CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign | ||
Details | Website | 2024-03-11 | 38 | iSoon leak sheds light on China’s use of extensive hacker-for-hire ecosystem | ||
Details | Website | 2024-03-08 | 0 | CTEM: Understanding Octo Malware for Senior Stakeholders |