Tangelo - S0329 (35aae10a-97c5-471a-9c67-02c231a7a31a)

Tangelo is iOS malware that is believed to be from the same developers as the Stealth Mango Android malware. It is not a mobile application, but rather a Debian package that can only run on jailbroken iOS devices. (Citation: Lookout-StealthMango)

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002)	Attack Pattern	Tangelo - S0329 (35aae10a-97c5-471a-9c67-02c231a7a31a)	Malware	1
Stored Application Data - T1409 (702055ac-4e54-4ae9-9527-e23a38e0b160)	Attack Pattern	Tangelo - S0329 (35aae10a-97c5-471a-9c67-02c231a7a31a)	Malware	1
Location Tracking - T1430 (99e6295e-741b-4857-b6e5-64989eb039b4)	Attack Pattern	Tangelo - S0329 (35aae10a-97c5-471a-9c67-02c231a7a31a)	Malware	1
Call Log - T1636.002 (1d1b1558-c833-482e-aabb-d07ef6eae63d)	Attack Pattern	Tangelo - S0329 (35aae10a-97c5-471a-9c67-02c231a7a31a)	Malware	1
Audio Capture - T1429 (6683aa0c-d98a-4f5b-ac57-ca7e9934a760)	Attack Pattern	Tangelo - S0329 (35aae10a-97c5-471a-9c67-02c231a7a31a)	Malware	1
Data from Local System - T1533 (e1c912a9-e305-434b-9172-8a6ce3ec9c4a)	Attack Pattern	Tangelo - S0329 (35aae10a-97c5-471a-9c67-02c231a7a31a)	Malware	1
System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd)	Attack Pattern	Tangelo - S0329 (35aae10a-97c5-471a-9c67-02c231a7a31a)	Malware	1
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e)	Attack Pattern	SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002)	Attack Pattern	2
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e)	Attack Pattern	Call Log - T1636.002 (1d1b1558-c833-482e-aabb-d07ef6eae63d)	Attack Pattern	2