Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86)
Adversaries may utilize standard operating system APIs to gather contact list data. On Android, this can be accomplished using the Contacts Content Provider. On iOS, this can be accomplished using the Contacts framework.
If the device has been jailbroken or rooted, an adversary may be able to access the Contact List without the user’s knowledge or approval.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) | Attack Pattern | Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86) | Attack Pattern | 1 |