Skip to content

Hide Navigation Hide TOC

TianySpy - S1056 (fd6d56b2-d84e-4d2a-b37d-d4678d3e08a6)

TianySpy is a mobile malware primarily spread by SMS phishing between September 30 and October 12, 2021. TianySpy is believed to have targeted credentials associated with membership websites of major Japanese telecommunication services.(Citation: trendmicro_tianyspy_0122)

Cluster A Galaxy A Cluster B Galaxy B Level
TianySpy - S1056 (fd6d56b2-d84e-4d2a-b37d-d4678d3e08a6) Malware System Information Discovery - T1426 (e2ea7f6b-8d4f-49c3-819d-660530d12b77) Attack Pattern 1
TianySpy - S1056 (fd6d56b2-d84e-4d2a-b37d-d4678d3e08a6) Malware Code Signing Policy Modification - T1632.001 (fcb11f06-ce0e-490b-bcc1-04a1623579f0) Attack Pattern 1
TianySpy - S1056 (fd6d56b2-d84e-4d2a-b37d-d4678d3e08a6) Malware Wi-Fi Discovery - T1422.002 (be63612f-a48f-44f2-a7a6-1763509fcf80) Attack Pattern 1
TianySpy - S1056 (fd6d56b2-d84e-4d2a-b37d-d4678d3e08a6) Malware Command and Scripting Interpreter - T1623 (29f1f56c-7b7a-4c14-9e39-59577ea2743c) Attack Pattern 1
TianySpy - S1056 (fd6d56b2-d84e-4d2a-b37d-d4678d3e08a6) Malware Internet Connection Discovery - T1422.001 (45a5fe76-eda3-4d40-8f22-c186efd6278d) Attack Pattern 1
TianySpy - S1056 (fd6d56b2-d84e-4d2a-b37d-d4678d3e08a6) Malware Exfiltration Over Alternative Protocol - T1639 (3e091a89-a493-4a6c-8e88-d57be19bb98d) Attack Pattern 1
TianySpy - S1056 (fd6d56b2-d84e-4d2a-b37d-d4678d3e08a6) Malware GUI Input Capture - T1417.002 (4c58b7c6-a839-4789-bda9-9de33e4d4512) Attack Pattern 1
TianySpy - S1056 (fd6d56b2-d84e-4d2a-b37d-d4678d3e08a6) Malware System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) Attack Pattern 1
TianySpy - S1056 (fd6d56b2-d84e-4d2a-b37d-d4678d3e08a6) Malware Obfuscated Files or Information - T1406 (d13fa042-8f26-44e1-a2a8-af0bf8e2ac9a) Attack Pattern 1
Subvert Trust Controls - T1632 (79cb02f4-ac4e-4335-8b51-425c9573cce1) Attack Pattern Code Signing Policy Modification - T1632.001 (fcb11f06-ce0e-490b-bcc1-04a1623579f0) Attack Pattern 2
Wi-Fi Discovery - T1422.002 (be63612f-a48f-44f2-a7a6-1763509fcf80) Attack Pattern System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) Attack Pattern 2
System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) Attack Pattern Internet Connection Discovery - T1422.001 (45a5fe76-eda3-4d40-8f22-c186efd6278d) Attack Pattern 2
GUI Input Capture - T1417.002 (4c58b7c6-a839-4789-bda9-9de33e4d4512) Attack Pattern Input Capture - T1417 (a8c31121-852b-46bd-9ba4-674ae5afe7ad) Attack Pattern 2