mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-13 14:44:58 +03:00
21 lines
931 B
Markdown
# Standards Reference: Mobile Malware Detection

## OWASP Mobile Top 10 2024

| ID | Risk | Malware Relevance |
|----|------|-------------------|
| M2 | Inadequate Supply Chain Security | Trojanized apps, repackaged malware |
| M8 | Security Misconfiguration | Excessive permissions enabling malware |

## NIST SP 800-163 Rev 1

- Section 5: Mobile app vetting for malware indicators
- Section 6: Enterprise mobile device management for malware prevention

## MITRE ATT&CK Mobile Matrix

| Tactic | Technique | Indicator |
|--------|-----------|-----------|
| Initial Access | T1444: Masquerade as Legitimate App | App name/icon spoofing |
| Collection | T1412: Capture SMS Messages | SMS permission + network |
| Exfiltration | T1437: Standard Application Layer Protocol | HTTP POST to C2 |
| Command and Control | T1437.001: Web Protocols | HTTPS beaconing |
| Impact | T1471: Data Encrypted for Impact | File encryption + ransom |