{
	"id": "96fd725e-401c-4672-a3e0-e36aa5998f2e",
	"created_at": "2026-04-06T00:13:26.317574Z",
	"updated_at": "2026-04-10T03:20:36.666433Z",
	"deleted_at": null,
	"sha1_hash": "6de9eba41ef82ee33c535deb6ff59357a888d44b",
	"title": "APP-13 · Mobile Threat Catalogue",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 34027,
	"plain_text": "APP-13 · Mobile Threat Catalogue\r\nArchived: 2026-04-02 11:29:26 UTC\r\nMobile Threat Catalogue\r\nSensitive Information Discovery via OS APIs\r\nContribute\r\nThreat Category: Malicious or privacy-invasive application\r\nID: APP-13\r\nThreat Description: Apps may be granted permission, by the user or by default, access common data stores\r\nprovided by the mobile OS. Common stores are contacts lists, call history, calendar, notes, or app clipboard. When\r\napps used in differing personal and enterprise contexts have access to these stores, they may contain co-mingled\r\npersonal and enterprise data. A malicious or invasive app granted access to these locations can collect any\r\nsensitive data stored there, likely with an intent to exfiltrate it to the attacker.\r\nThreat Origin\r\nThe Google Android Security Team’s Classifications for Potentially Harmful Applications 1\r\nExploit Examples\r\nAn investigation of Chrysaor Malware on Android 2\r\nCVE Examples\r\nPossible Countermeasures\r\nEnterprise\r\nDeploy MAM or MDM solutions with policies that prohibit the sideloading of apps, which may bypass security\r\nchecks on the app.\r\nDeploy MAM or MDM solutions with policies that prohibit the installation of apps from 3rd party (unofficial) app\r\nstores.\r\nPerform application vetting to identify privacy-invasive behaviors by apps.\r\nUse application threat intelligence data about potential privacy risks associated with apps installed on devices\r\nUse features such as Apple iOS Managed Apps, Android for Work, or Samsung KNOX Workspace that provide\r\nadditional separation between personal apps and enterprise apps to mitigate the leakage of private information\r\nhttps://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-13.html\r\nPage 1 of 2\n\nbetween work/personal contexts.\r\nMobile Device User\r\nUse Android Verify Apps feature to identify apps that may violate privacy.\r\nMobile App Developer\r\nOnly request access to the minimal set of shared data stores (e.g., contacts, calendar), OS services (e.g. location\r\nservices), and device sensors (e.g. camera, microphone) necessary for the app to provide functionality.\r\nOnly collect the minimal set of device or user data necessary for the app to provide functionality.\r\nReferences\r\nSource: https://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-13.html\r\nhttps://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-13.html\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-13.html"
	],
	"report_names": [
		"APP-13.html"
	],
	"threat_actors": [],
	"ts_created_at": 1775434406,
	"ts_updated_at": 1775791236,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/6de9eba41ef82ee33c535deb6ff59357a888d44b.pdf",
		"text": "https://archive.orkl.eu/6de9eba41ef82ee33c535deb6ff59357a888d44b.txt",
		"img": "https://archive.orkl.eu/6de9eba41ef82ee33c535deb6ff59357a888d44b.jpg"
	}
}