Register to stream ATT&CKcon 2.0 October 29-30


DualToy is Windows malware that installs malicious applications onto Android and iOS devices connected over USB. [1]

ID: S0315
Platforms: Android, iOS
Version: 1.1

Techniques Used

Domain ID Name Use
Mobile T1458 Exploit via Charging Station or PC DualToy side loads malicious or risky apps to both Android and iOS devices via a USB connection. [1]
Mobile T1422 System Network Configuration Discovery DualToy collects the connected iOS device’s information including IMEI, IMSI, ICCID, serial number and phone number. [1]