Adups - S0309 (f6ac21b6-2592-400c-8472-10d0e2f1bfaf)

Adups is software that was pre-installed onto Android devices, including those made by BLU Products. The software was reportedly designed to help a Chinese phone manufacturer monitor user behavior, transferring sensitive data to a Chinese server. (Citation: NYTimes-BackDoor) (Citation: BankInfoSecurity-BackDoor)

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Compromise Software Supply Chain - T1474.003 (9558a84e-2d5e-4872-918e-d847494a8ffc)	Attack Pattern	Adups - S0309 (f6ac21b6-2592-400c-8472-10d0e2f1bfaf)	Malware	1
Call Log - T1636.002 (1d1b1558-c833-482e-aabb-d07ef6eae63d)	Attack Pattern	Adups - S0309 (f6ac21b6-2592-400c-8472-10d0e2f1bfaf)	Malware	1
Location Tracking - T1430 (99e6295e-741b-4857-b6e5-64989eb039b4)	Attack Pattern	Adups - S0309 (f6ac21b6-2592-400c-8472-10d0e2f1bfaf)	Malware	1
Adups - S0309 (f6ac21b6-2592-400c-8472-10d0e2f1bfaf)	Malware	Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86)	Attack Pattern	1
SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002)	Attack Pattern	Adups - S0309 (f6ac21b6-2592-400c-8472-10d0e2f1bfaf)	Malware	1
Compromise Software Supply Chain - T1474.003 (9558a84e-2d5e-4872-918e-d847494a8ffc)	Attack Pattern	Supply Chain Compromise - T1474 (0d95940f-9583-4e0f-824c-a42c1be47fad)	Attack Pattern	2
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e)	Attack Pattern	Call Log - T1636.002 (1d1b1558-c833-482e-aabb-d07ef6eae63d)	Attack Pattern	2
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e)	Attack Pattern	Contact List - T1636.003 (e0b9ecb8-a7d1-43c7-aa30-8e19c6a92c86)	Attack Pattern	2
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e)	Attack Pattern	SMS Messages - T1636.004 (c6421411-ae61-42bb-9098-73fddb315002)	Attack Pattern	2