{
	"id": "135781cf-fadb-4b5c-ade7-c797f68051e9",
	"created_at": "2026-04-06T00:10:27.122175Z",
	"updated_at": "2026-04-10T03:20:52.853177Z",
	"deleted_at": null,
	"sha1_hash": "cc9dec8c560cb4a9e49a856e7acf526b334cb26b",
	"title": "APP-35 · Mobile Threat Catalogue",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 33415,
	"plain_text": "APP-35 · Mobile Threat Catalogue\r\nArchived: 2026-04-05 14:33:37 UTC\r\nMobile Threat Catalogue\r\nRetrieving Sensitive Information from Clipboard\r\nContribute\r\nThreat Category: Malicious or privacy-invasive application\r\nID: APP-35\r\nThreat Description: Any app that has been granted, or that has implicit OS-level permission to access the\r\nclipboard, may collect data left in the clipboard by other activity. A primary example would be using the device\r\nclipboard to copy-and-paste a password from an encrypted file to a form field.\r\nThreat Origin\r\nAttacks on Android Clipboard 1\r\nExploit Examples\r\nUpdate: XcodeGhost Attacker Can Phish Passwords and Open URLs Through Infected Apps 2\r\nCVE Examples\r\nPossible Countermeasures\r\nEnterprise\r\nDeploy MAM or MDM solutions with policies that prohibit the side-loading of apps, which may bypass security\r\nchecks on the app.\r\nDeploy MAM or MDM solutions with policies that prohibit the installation of apps from 3rd party (unofficial) app\r\nstores.\r\nDeploy MAM solutions that can restrict access to the device clipboard and similar OS-provided services to a\r\nwhitelist of trusted apps.\r\nDeploy MAM or container solutions that can restrict communication between trusted and untrusted apps using the\r\ndevice clipboard, copy-and-paste, and similar OS-provided services.\r\nUse application threat intelligence services to identify apps reported to abuse access to the device clipboard or\r\nsimilar OS-provided services to obtain sensitive information.\r\nhttps://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-35.html\r\nPage 1 of 2\n\nUse app-vetting tools or services to identify applications that appear to abuse access to the device clipboard or\r\nsimilar OS-provided services to obtain sensitive information.\r\nMobile Device User\r\nUse Android Verify Apps feature to identify potentially harmful apps.\r\nReferences\r\nSource: https://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-35.html\r\nhttps://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-35.html\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-35.html"
	],
	"report_names": [
		"APP-35.html"
	],
	"threat_actors": [],
	"ts_created_at": 1775434227,
	"ts_updated_at": 1775791252,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/cc9dec8c560cb4a9e49a856e7acf526b334cb26b.pdf",
		"text": "https://archive.orkl.eu/cc9dec8c560cb4a9e49a856e7acf526b334cb26b.txt",
		"img": "https://archive.orkl.eu/cc9dec8c560cb4a9e49a856e7acf526b334cb26b.jpg"
	}
}