Trusted Design

Rootnik Android Trojan Abuses Commercial Rooting Tool

Summary

Palo Alto recently analyzed a Trojan named “Rootnik” which uses a customized commercial root tool named “Root Assistant” to gain root access on Android devices. By reverse engineering and repackaging this tool, the creators of Rootnik successfully stole at least five exploits that give them root access to Android devices that are running Android 4.3 and earlier. Root Assistant was developed by a Chinese company to help individuals gain root access to their own devices. However, Rootnik uses this tool to attack phones all over the world. Based on the data we have collected, Android users in the United States, Malaysia, Thailand, Lebanon and Taiwan have been affected by the Trojan thus far.

Created: 2026-02-23

Indicators

No indicators were found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

Gamaredon Group

Score: 3.88
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1588.002 - Tool

LuminousMoth

Score: 9.14
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1560 - Archive Collected Data
  • T1588.002 - Tool
  • T1564.001 - Hidden Files and Directories

Aoqin Dragon

Score: 3.88
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1588.002 - Tool

Darkhotel

Score: 3.03
Matched TTPs:
  • T1091 - Replication Through Removable Media

Mustang Panda

Score: 11.06
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1588.002 - Tool
  • T1046 - Network Service Discovery
  • T1564.001 - Hidden Files and Directories
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

FIN7

Score: 11.31
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1564.001 - Hidden Files and Directories
  • T1078.003 - Local Accounts

APT28

Score: 17.81
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1560 - Archive Collected Data
  • T1588.002 - Tool
  • T1564.001 - Hidden Files and Directories
  • T1550.001 - Application Access Token
  • T1669 - Wi-Fi Networks

Tropic Trooper

Score: 10.13
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1046 - Network Service Discovery
  • T1564.001 - Hidden Files and Directories
  • T1078.003 - Local Accounts

Medusa Group

Score: 6.75
Matched TTPs:
  • T1608.002 - Upload Tool
  • T1588.002 - Tool
  • T1046 - Network Service Discovery

Threat Group-3390

Score: 6.75
Matched TTPs:
  • T1608.002 - Upload Tool
  • T1588.002 - Tool
  • T1046 - Network Service Discovery

Dragonfly

Score: 3.44
Matched TTPs:
  • T1560 - Archive Collected Data
  • T1588.002 - Tool

Patchwork

Score: 3.44
Matched TTPs:
  • T1560 - Archive Collected Data
  • T1588.002 - Tool

Ember Bear

Score: 8.49
Matched TTPs:
  • T1560 - Archive Collected Data
  • T1046 - Network Service Discovery
  • T1588.005 - Exploits

BlackByte

Score: 4.36
Matched TTPs:
  • T1560 - Archive Collected Data
  • T1046 - Network Service Discovery

Lazarus Group

Score: 12.71
Matched TTPs:
  • T1560 - Archive Collected Data
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1046 - Network Service Discovery
  • T1564.001 - Hidden Files and Directories
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

APT32

Score: 15.38
Matched TTPs:
  • T1560 - Archive Collected Data
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1046 - Network Service Discovery
  • T1564.001 - Hidden Files and Directories
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1078.003 - Local Accounts

FIN6

Score: 10.05
Matched TTPs:
  • T1560 - Archive Collected Data
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1046 - Network Service Discovery
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Ke3chang

Score: 3.44
Matched TTPs:
  • T1560 - Archive Collected Data
  • T1588.002 - Tool

menuPass

Score: 5.21
Matched TTPs:
  • T1560 - Archive Collected Data
  • T1588.002 - Tool
  • T1046 - Network Service Discovery

Kimsuky

Score: 9.74
Matched TTPs:
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1588.005 - Exploits
  • T1078.003 - Local Accounts

FIN13

Score: 7.38
Matched TTPs:
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1046 - Network Service Discovery
  • T1564.001 - Hidden Files and Directories

Wizard Spider

Score: 5.69
Matched TTPs:
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Naikon

Score: 3.86
Matched TTPs:
  • T1036.004 - Masquerade Task or Service
  • T1046 - Network Service Discovery

Fox Kitten

Score: 3.86
Matched TTPs:
  • T1036.004 - Masquerade Task or Service
  • T1046 - Network Service Discovery

PROMETHIUM

Score: 4.76
Matched TTPs:
  • T1036.004 - Masquerade Task or Service
  • T1078.003 - Local Accounts

Magic Hound

Score: 4.71
Matched TTPs:
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1046 - Network Service Discovery

BackdoorDiplomacy

Score: 4.71
Matched TTPs:
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1046 - Network Service Discovery

APT41

Score: 4.71
Matched TTPs:
  • T1036.004 - Masquerade Task or Service
  • T1588.002 - Tool
  • T1046 - Network Service Discovery

Turla

Score: 3.52
Matched TTPs:
  • T1588.002 - Tool
  • T1078.003 - Local Accounts

APT29

Score: 3.52
Matched TTPs:
  • T1588.002 - Tool
  • T1078.003 - Local Accounts

Scattered Spider

Score: 5.39
Matched TTPs:
  • T1588.002 - Tool
  • T1538 - Cloud Service Dashboard

FIN8

Score: 3.60
Matched TTPs:
  • T1588.002 - Tool
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

OilRig

Score: 5.36
Matched TTPs:
  • T1588.002 - Tool
  • T1046 - Network Service Discovery
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Sea Turtle

Score: 3.52
Matched TTPs:
  • T1588.002 - Tool
  • T1078.003 - Local Accounts

Contagious Interview

Score: 3.60
Matched TTPs:
  • T1588.002 - Tool
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Thrip

Score: 3.60
Matched TTPs:
  • T1588.002 - Tool
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

FIN10

Score: 3.52
Matched TTPs:
  • T1588.002 - Tool
  • T1078.003 - Local Accounts

APT33

Score: 3.60
Matched TTPs:
  • T1588.002 - Tool
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Play

Score: 3.52
Matched TTPs:
  • T1588.002 - Tool
  • T1078.003 - Local Accounts

Salt Typhoon

Score: 3.60
Matched TTPs:
  • T1588.002 - Tool
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Rocke

Score: 4.43
Matched TTPs:
  • T1046 - Network Service Discovery
  • T1564.001 - Hidden Files and Directories

RedCurl

Score: 4.43
Matched TTPs:
  • T1046 - Network Service Discovery
  • T1564.001 - Hidden Files and Directories

HAFNIUM

Score: 9.46
Matched TTPs:
  • T1564.001 - Hidden Files and Directories
  • T1550.001 - Application Access Token
  • T1078.003 - Local Accounts

Threat actors related to this Pulse (inference-based)

APT28

Score: 0.79
Matched TTPs:
  • T1588.002 - Tool
  • T1560 - Archive Collected Data
  • T1669 - Wi-Fi Networks
  • T1564.001 - Hidden Files and Directories
  • T1091 - Replication Through Removable Media
  • T1550.001 - Application Access Token

APT32

Score: 0.71
Matched TTPs:
  • T1588.002 - Tool
  • T1078.003 - Local Accounts
  • T1560 - Archive Collected Data
  • T1564.001 - Hidden Files and Directories
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1036.004 - Masquerade Task or Service
  • T1046 - Network Service Discovery

Lazarus Group

Score: 0.59
Matched TTPs:
  • T1588.002 - Tool
  • T1560 - Archive Collected Data
  • T1564.001 - Hidden Files and Directories
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1036.004 - Masquerade Task or Service
  • T1046 - Network Service Discovery

FIN7

Score: 0.58
Matched TTPs:
  • T1588.002 - Tool
  • T1078.003 - Local Accounts
  • T1564.001 - Hidden Files and Directories
  • T1036.004 - Masquerade Task or Service
  • T1091 - Replication Through Removable Media

Related CVEs

No CVEs were found in this Pulse.
