Show in Graph
Common Information
Type Value
Value 
Screen Capture - T1513
Category Attack-Pattern
Type Mitre-Attack-Pattern
Misp Type Cluster
Description Adversaries may use screen capture to collect additional information about a target device, such as applications running in the foreground, user data, credentials, or other sensitive information. Applications running in the background can capture screenshots or videos of another application running in the foreground by using the Android `MediaProjectionManager` (generally requires the device user to grant consent).(Citation: Fortinet screencap July 2019)(Citation: Android ScreenCap1 2019) Background applications can also use Android accessibility services to capture screen contents being displayed by a foreground application.(Citation: Lookout-Monokle) An adversary with root access or Android Debug Bridge (adb) access could call the Android `screencap` or `screenrecord` commands.(Citation: Android ScreenCap2 2019)(Citation: Trend Micro ScreenCap July 2015)
Details Published Attributes CTI Title
Details Website 2023-09-14 41 Tatar-Language Users in the Crosshairs of Python Screenshotter
Details Website 2023-09-11 47 From ERMAC to Hook: Investigating the technical differences between two Android malware variants
Details Website 2023-08-29 23 Think Before You Scan: The Rise of QR Codes in Phishing
Details Website 2023-08-25 13 LOLBins Demo: The Quieter Way
Details Website 2023-08-25 195 Russia/Ukraine Update - August 2023
Details Website 2023-08-23 45 The Persistent Danger of Remcos RAT - CYFIRMA
Details Website 2023-08-13 69 MoustachedBouncer: Belarus-Linked threat group exploit ISPs for AiTM attacks
Details Website 2023-08-09 14 July 2023’s Most Wanted Malware: Remote Access Trojan (RAT) Remcos Climbs to Third Place while Mobile Malware Anubis Returns to Top Spot - Check Point Blog
Details Website 2023-07-25 81 Apple Crimeware | Massive Rust Infostealer Campaign Aiming for macOS Sonoma Ahead of Public Release
Details Website 2023-07-18 2 A Malware retrospective: SubSeven
Details Website 2023-07-06 239 Increased Truebot Activity Infects U.S. and Canada Based Networks | CISA
Details Website 2023-06-27 4 NAPLISTENER: more bad dreams from developers of SIESTAGRAPH — Elastic Security Labs
Details Website 2023-06-23 100 Securonix Threat Labs Security Advisory: New MULTI#STORM Attack Campaign Involving Python-based Loader Masquerading as OneDrive Utilities Dropping Multiple RAT Payloads Using Security Analytics
Details Website 2023-06-22 1 New education apps and accessible content for Chromebooks
Details Website 2023-06-22 0 New Google for Education tools for how you teach, learn and manage
Details Website 2023-06-21 22 Initial research exposing JOKERSPY — Elastic Security Labs
Details Website 2023-06-17 43 Rewterz Threat Alert – Unveiling the Attacks by White Elephant Group: Exploiting BADNEWS and Remcos Commercial Trojans – Active IOCs
Details Website 2023-06-15 37 eSentire Threat Intelligence Malware Analysis: Aurora Stealer
Details Website 2023-06-13 0 Top 15 Browser Extensions For OSINT Researchers.
Details Website 2023-06-12 19 几种Windows录屏技巧 – 绿盟科技技术博客
Details Website 2023-06-09 0 Stealth Soldier: A New Custom Backdoor Targets North Africa with Espionage Attacks
Details Website 2023-06-09 39 Rewterz Threat Alert – North Africa Targeted by a New Custom Backdoor “Stealth Soldier” – Active IOCs
Details Website 2023-06-09 12 May 2023’s Most Wanted Malware: New Version of Guloader Delivers Encrypted Cloud-Based Payloads - Check Point Blog
Details Website 2023-06-08 30 Monthly Threat Actor Group Intelligence Report, April 2023 (KOR) – Red Alert
Details Website 2023-06-07 176 #StopRansomware: CL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerability | CISA