DualToy is Windows malware that installs malicious applications onto Android and iOS devices connected over USB. [1]

ID: S0315
Version: 1.0
Created: 25 October 2017
Last Modified: 24 October 2022

Techniques Used

Domain ID Name Use
Mobile T1458 Replication Through Removable Media

DualToy side loads malicious or risky apps to both Android and iOS devices via a USB connection.[1]

Mobile T1422 System Network Configuration Discovery

DualToy collects the connected iOS device’s information including IMEI, IMSI, ICCID, serial number and phone number.[1]