Names | HenBox | |
Category | Malware | |
Type | Info stealer | |
Description | (Palo Alto) Once installed, HenBox steals information from the devices from a myriad of sources, including many mainstream chat, communication, and social media apps. The stolen information includes personal and device information. Of note, in addition to tracking the compromised device’s location, HenBox also harvests all outgoing phone numbers with an “86” prefix, which is the country code for the People’s Republic of China (PRC). It can also access the phone’s cameras and microphone. | |
Information | <https://unit42.paloaltonetworks.com/unit42-henbox-chickens-come-home-roost/> | |
Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/apk.henbox> | |
AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:HenBox> |
Last change to this tool card: 24 April 2021
Download this tool card in JSON format
Changed | Name | Country | Observed | ||
APT groups | |||||
Ke3chang, Vixen Panda, APT 15, GREF, Playful Dragon | ![]() | 2010-May 2020 | |||
PKPLUG | ![]() | 2016-Mar 2021 |
2 groups listed (2 APT, 0 other, 0 unknown)
Digital Service Security Center Follow us on![]() ![]() |
Report incidents |
|
![]() |
+66 (0)2-123-1227 | |
![]() |
[email protected] |