Jared Ondricek
54 lines
2.3 KiB
JSON
54 lines
2.3 KiB
JSON
{
|
|
"type": "bundle",
|
|
"id": "bundle--9b027c7d-ffd3-490f-a683-62853260ce2e",
|
|
"spec_version": "2.0",
|
|
"objects": [
|
|
{
|
|
"x_mitre_platforms": [
|
|
"Android",
|
|
"iOS"
|
|
],
|
|
"x_mitre_domains": [
|
|
"mobile-attack"
|
|
],
|
|
"object_marking_refs": [
|
|
"marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
|
|
],
|
|
"type": "attack-pattern",
|
|
"id": "attack-pattern--4e6620ac-c30c-4f6d-918e-fa20cae7c1ce",
|
|
"created": "2017-10-25T14:48:11.535Z",
|
|
"x_mitre_version": "1.0",
|
|
"external_references": [
|
|
{
|
|
"source_name": "mitre-attack",
|
|
"external_id": "T1432",
|
|
"url": "https://attack.mitre.org/techniques/T1432"
|
|
},
|
|
{
|
|
"url": "https://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-13.html",
|
|
"source_name": "NIST Mobile Threat Catalogue",
|
|
"external_id": "APP-13"
|
|
}
|
|
],
|
|
"x_mitre_deprecated": false,
|
|
"revoked": true,
|
|
"description": "An adversary could call standard operating system APIs from a malicious application to gather contact list (i.e., address book) data, or with escalated privileges could directly access files containing contact list data.",
|
|
"modified": "2022-04-01T13:19:41.180Z",
|
|
"created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
|
|
"name": "Access Contact List",
|
|
"x_mitre_detection": "On both Android (6.0 and up) and iOS, the user can view which applications have permission to access contact list information through the device settings screen, and the user can choose to revoke the permissions.",
|
|
"kill_chain_phases": [
|
|
{
|
|
"phase_name": "collection",
|
|
"kill_chain_name": "mitre-mobile-attack"
|
|
}
|
|
],
|
|
"x_mitre_is_subtechnique": false,
|
|
"x_mitre_tactic_type": [
|
|
"Post-Adversary Device Access"
|
|
],
|
|
"x_mitre_attack_spec_version": "2.1.0",
|
|
"x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5"
|
|
}
|
|
]
|
|
} |