Exploit via Radio Interfaces

The mobile device may be targeted for exploitation through its interface to cellular networks or other radio interfaces.

Baseband Vulnerability Exploitation

A message sent over a radio interface (typically cellular, but potentially Bluetooth, GPS, NFC, Wi-Fi[1] or other) to the mobile device could exploit a vulnerability in code running on the device[2][3].

Malicious SMS Message

An SMS message could contain content designed to exploit vulnerabilities in the SMS parser on the receiving device[4]. An SMS message could also contain a link to a web site containing malicious content designed to exploit the device web browser. Vulnerable SIM cards may be remotely exploited and reprogrammed via SMS messages[5].

ID: T1477
Sub-techniques:  No sub-techniques
Tactic Type: Post-Adversary Device Access
Tactic: Initial Access
Platforms: Android, iOS
Version: 1.1
Created: 17 October 2018
Last Modified: 03 February 2019
Provided by LAYER 8

Procedure Examples

ID Name Description
S0289 Pegasus for iOS

Pegasus for iOS was delivered via an SMS message containing a link to a web site with malicious code.[6]

Mitigations

ID Mitigation Description
M1001 Security Updates
M1006 Use Recent OS Version

References