Call Log - T1636.002 (1d1b1558-c833-482e-aabb-d07ef6eae63d)
Adversaries may utilize standard operating system APIs to gather call log data. On Android, this can be accomplished using the Call Log Content Provider. iOS provides no standard API to access the call log.
If the device has been jailbroken or rooted, an adversary may be able to access the Call Log without the user’s knowledge or approval.
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) | Attack Pattern | Call Log - T1636.002 (1d1b1558-c833-482e-aabb-d07ef6eae63d) | Attack Pattern | 1 |