 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
Tool: HenBox| Names | HenBox | |
| Category | Malware | |
| Type | Info stealer | |
| Description | (Palo Alto) Once installed, HenBox steals information from the devices from a myriad of sources, including many mainstream chat, communication, and social media apps. The stolen information includes personal and device information. Of note, in addition to tracking the compromised device’s location, HenBox also harvests all outgoing phone numbers with an “86” prefix, which is the country code for the People’s Republic of China (PRC). It can also access the phone’s cameras and microphone. | |
| Information | <https://unit42.paloaltonetworks.com/unit42-henbox-chickens-come-home-roost/> | |
| MITRE ATT&CK | <https://attack.mitre.org/software/S0544/> | |
| Malpedia | <https://malpedia.caad.fkie.fraunhofer.de/details/apk.henbox> | |
| AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:HenBox> | |
Last change to this tool card: 30 December 2022
Download this tool card in JSON format
| Changed | Name | Country | Observed | ||
APT groups | |||||
| Ke3chang, Vixen Panda, APT 15, GREF, Playful Dragon |  | 2010-Late 2022 | |||
 | Mustang Panda, Bronze President | | 2012-Mar 2024 | ||
2 groups listed (2 APT, 0 other, 0 unknown)
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |