DualToy is Windows malware that installs malicious applications onto Android and iOS devices connected over USB. [1]

ID: S0315
Platforms: Android, iOS
Version: 1.1
Created: 25 October 2017
Last Modified: 11 December 2018

Techniques Used

Domain ID Name Use
Mobile T1458 Exploit via Charging Station or PC

DualToy side loads malicious or risky apps to both Android and iOS devices via a USB connection.[1]

Mobile T1422 System Network Configuration Discovery

DualToy collects the connected iOS device’s information including IMEI, IMSI, ICCID, serial number and phone number.[1]