1. Home
  2. Software
  3. Tangelo

Tangelo

Tangelo is iOS malware that is believed to be from the same developers as the Stealth Mango Android malware. It is not a mobile application, but rather a Debian package that can only run on jailbroken iOS devices. [1]

ID: S0329
Type: MALWARE
Platforms: iOS
Version: 1.2
Created: 17 October 2018
Last Modified: 10 October 2019
Mobile Layer
download view

Techniques Used

Domain ID Name Use
Mobile T1433 Access Call Log

Tangelo contains functionality to gather call logs.[1]
Mobile T1409 Access Stored Application Data

Tangelo accesses databases from WhatsApp, Viber, Skype, and Line.[1]
Mobile T1429 Capture Audio

Tangelo contains functionality to record calls as well as the victim device's environment.[1]
Mobile T1412 Capture SMS Messages

Tangelo contains functionality to gather SMS messages.[1]
Mobile T1533 Data from Local System

Tangelo accesses browser history, pictures, and videos.[1]
Mobile T1430 Location Tracking

Tangelo contains functionality to gather GPS coordinates.[1]
Mobile T1422 System Network Configuration Discovery

Tangelo contains functionality to gather cellular IDs.[1]

References

  1. Lookout. (n.d.). Stealth Mango & Tangelo. Retrieved September 27, 2018.