216.73.217.86

T1642: Endpoint Denial of Service

View on MITRE ATT&CK The MITRE Corporation · Published 06/04/2022 15:52 · Modified 27/03/2026 01:41

Essential information

MITRE technique ID
T1642
Confidence
100/100
Revoked
No
Published
06/04/2022 15:52
Modified
27/03/2026 01:41
Author / Source
The MITRE Corporation

Platforms

android iOS

Description

Adversaries may perform Endpoint Denial of Service (DoS) attacks to degrade or block the availability of services to users. On Android versions prior to 7, apps can abuse Device Administrator access to reset the device lock passcode, preventing the user from unlocking the device. After Android 7, only device or profile owners (e.g. MDMs) can reset the device’s passcode.(Citation: Android resetPassword) On iOS devices, this technique does not work because mobile device management servers can only remove the screen lock passcode; they cannot set a new passcode. However, on jailbroken devices, malware has been discovered that can lock the user out of the device.(Citation: Xiao-KeyRaider)

Kill chain phases

Kill chainPhase
mitre-mobile-attack impact

Marking (TLP)

Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.

External references