216.73.216.233

T1636.005: Accounts

View on MITRE ATT&CK The MITRE Corporation · Published 17/09/2025 16:58 · Modified 27/03/2026 01:41

Essential information

MITRE technique ID
T1636.005
Confidence
100/100
Revoked
No
Published
17/09/2025 16:58
Modified
27/03/2026 01:41
Author / Source
The MITRE Corporation

Platforms

android iOS

Description

Adversaries may utilize standard operating system APIs to gather account data. On Android, this can be accomplished by using the AccountManager API. For example, adversaries may use the `getAccounts()` method to list all accounts.(Citation: Android_AccountManager_Feb2025) On iOS, this can be accomplished by using the Keychain services. If the device has been jailbroken or rooted, adversaries may be able to access [Accounts](https://attack.mitre.org/techniques/T1636/005) without the users’ knowledge or approval.

Kill chain phases

Kill chainPhase
mitre-mobile-attack collection

Marking (TLP)

Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.

External references

Related entities

Intrusion sets, malware, reports, vulnerabilities, indicators and other entities linked to this technique.