RuMMS

RuMMS is an Android malware family. [1]

ID: S0313
Type: MALWARE
Platforms: Android
Version: 1.1
Created: 25 October 2017
Last Modified: 11 December 2018

Techniques Used

| Domain | ID | Name | Use |
|---|---|---|---|
| Mobile | T1412 | Capture SMS Messages | RuMMS uploads incoming SMS messages to a remote command and control server.[1] |
| Mobile | T1476 | Deliver Malicious App via Other Means | RuMMS is delivered via an SMS message containing a link to an APK (Android application package).[1] |
| Mobile | T1437 | Standard Application Layer Protocol | RuMMS uses HTTP for command and control.[1] |
| Mobile | T1426 | System Information Discovery | RuMMS gathers device model and operating system version information and transmits it to a command and control server.[1] |
| Mobile | T1422 | System Network Configuration Discovery | RuMMS gathers the device phone number and IMEI and transmits them to a command and control server.[1] |

References