Rover
MITRE
Malware Type:
Other
Other
First seen:
Unknown
Unknown
Last seen:
Unknown
Unknown
Details:
[Rover](https://attack.mitre.org/software/S0090) is malware suspected of being used for espionage purposes. It was used in 2015 in a targeted email sent to an Indian Ambassador to Afghanistan. (Citation: Palo Alto Rover)
Associated Techniques (10)
| ID | ATT&CK | Tactics |
|---|---|---|
| T1005 | Data from Local System | - |
| T1020 | Automated Exfiltration | - |
| T1025 | Data from Removable Media | - |
| T1056.001 | Keylogging | - |
| T1074.001 | Local Data Staging | - |
| T1083 | File and Directory Discovery | - |
| T1112 | Modify Registry | - |
| T1113 | Screen Capture | - |
| T1119 | Automated Collection | - |
| T1547.001 | Registry Run Keys / Startup Folder | - |
Metadata
| ID: | 313 |
| Created: | 13/01/2026 17:48 |
| Updated: | 23/04/2026 04:00 |