The sub-techniques beta is now live! Read the release blog post for more info.

Attack PC via USB Connection

With escalated privileges, an adversary could program the mobile device to impersonate USB devices such as input devices (keyboard and mouse), storage devices, and/or networking devices in order to attack a physically connected PC[1][2] This technique has been demonstrated on Android. We are unaware of any demonstrations on iOS.

ID: T1427
Tactic Type: Post-Adversary Device Access
Tactic: Lateral Movement
Platform: Android
Version: 1.1
Created: 25 October 2017
Last Modified: 03 February 2019


Mitigation Description
Security Updates
Use Recent OS Version
User Guidance

Advise users to only connect mobile devices to PCs when a justified need exists (e.g., mobile app development and debugging).