Common Information
| Type | Value |
|---|---|
| Value |
Device Lockout - T1446 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | An adversary may seek to lock the legitimate user out of the device, for example to inhibit user interaction or to obtain a ransom payment. On Android versions prior to 7, apps can abuse Device Administrator access to reset the device lock passcode to prevent the user from unlocking the device. After Android 7, only device or profile owners (e.g. MDMs) can reset the device’s passcode.(Citation: Android resetPassword) On iOS devices, this technique does not work because mobile device management servers can only remove the screen lock passcode, they cannot set a new passcode. However, on jailbroken devices, malware has been discovered that can lock the user out of the device.(Citation: Xiao-KeyRaider) |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2024-11-08 | 0 | Mobile Endpoint Security: Why Enhancing EDR for Mobile is Critical to Your Organization | ||
| Details | Website | 2024-10-30 | 154 | Крысиный король: как Android-троян CraxsRAT ворует данные пользователей | Блог F.A.C.C.T. | ||
| Details | Website | 2022-10-25 | 27 | ERMAC 2.0 Evades MFA to Steal Banking Credentials of Over 400 Android Apps |