{ "type": "bundle", "id": "bundle--f5c3a1e8-8ba1-46ed-a222-f96ffbf14117", "spec_version": "2.0", "objects": [ { "labels": [ "malware" ], "x_mitre_platforms": [ "Android" ], "x_mitre_domains": [ "mobile-attack" ], "x_mitre_aliases": [ "CarbonSteal" ], "object_marking_refs": [ "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168" ], "id": "malware--007ebf84-4e14-44c7-a5aa-151d5de85320", "type": "malware", "created": "2020-11-10T16:50:38.917Z", "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5", "external_references": [ { "external_id": "S0529", "source_name": "mitre-attack", "url": "https://attack.mitre.org/software/S0529" }, { "source_name": "Lookout Uyghur Campaign", "url": "https://www.lookout.com/documents/threat-reports/us/lookout-uyghur-malware-tr-us.pdf", "description": "A. Kumar, K. Del Rosso, J. Albrecht, C. Hebeisen. (2020, June 1). Mobile APT Surveillance Campaigns Targeting Uyghurs - A collection of long-running Android tooling connected to a Chinese mAPT actor. Retrieved November 10, 2020." } ], "modified": "2021-09-20T13:54:19.819Z", "name": "CarbonSteal", "description": "[CarbonSteal](https://attack.mitre.org/software/S0529) is one of a family of four surveillanceware tools that share a common C2 infrastructure. [CarbonSteal](https://attack.mitre.org/software/S0529) primarily deals with audio surveillance. (Citation: Lookout Uyghur Campaign)", "x_mitre_version": "1.1", "x_mitre_attack_spec_version": "2.1.0", "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5" } ] }