Malware attacks Android and iOS devices via USB connection

The DualToy malware for Windows computers has the ability to attack smartphones with Android or iOS that are connected via USB. The malware installs rogue apps on the phones and looks up user information.

The trojan began spreading in January 2015 and initially targeted Chinese users, security company Palo Alto Networks writes. However, the malware has now also been spotted in the United States, the United Kingdom, Thailand, Spain and Ireland. The company has now discovered 8,000 different variants of the malware. It is not yet known how many computers have been infected by it. It is also unclear how this trojan is distributed.

DualToy is made for Windows computers and is capable of infecting connected Android and iOS devices, among other things. Both Android and iOS ask the user if the computer can be trusted before accessing the content of the mobile devices. However, many users have already given that access, as the devices have often been connected before. For a number of properties, the malware uses the Android Debug Bridge software. For this software to work, the USB debugging option must be turned on. This option is off by default.

Once the malware gains access to an Android device, it installs unwanted apps that can display ads and install other apps in the background. With iOS, an app is installed that asks the user for his Apple ID and password. In addition, the data from the device, such as the serial number and phone number, is stolen.

It is not the first time such malware has appeared. In 2014, malware for Macintosh computers appeared that also infects connected iOS devices.