DualToy Windows Trojan Covertly Sideloads Apps on iOS and Android Devices

A Windows Trojan known as DualToy has been discovered that can sideload malicious applications onto iOS and Android devices over a USB connection from an infected computer.

Palo Alto Networks researchers said that DualToy has existed since January 2015. Originally, it was restricted to installing unwanted applications and displaying mobile ads on Android devices. Almost six months later, the Trojan morphed and started targeting iOS devices by installing a third-party App Store in the hope of nabbing iTunes usernames and passwords.

According to a Palo Alto Networks report, DualToy gained support for infecting iOS devices after six months, although the number of real-world infections has spiked only recently, and 8,000 different samples have been detected in the wild.

Threatpost.com, in a post on September 14th, 2016, quoted researchers as saying that once DualToy has infected a Windows machine, it looks for iTunes and ADB (Android Debug Bridge) and downloads the drivers for both if they are missing, so that it can infect mobile devices when they are connected.

The Trojan's process uses these two applications to interact with any device that is connected to the PC.

The Trojan assumes that a device connected to the PC belongs to the PC's owner. As such, it uses the pairing/authorization records available on the user's PC to try to validate the mobile device connected through the USB port.

Researchers said that the risk of iOS attacks is currently negligible because the Apple App certificate required to install the fake App Store that DualToy places on iOS devices has expired. Palo Alto observes that over the last two years there have been similar cases of Apple iOS and Windows malware designed to attack mobile devices through sideloading techniques.

DualToy is harmful. If the user does not connect a mobile device to the infected PC, the Trojan will change the browser settings to inject ads into the websites accessed.

Claud Xiao, a Palo Alto security researcher, said: "this attack vector's capability can be further limited by additional mechanisms (e.g., ADB enabling, iOS sandbox) which make this threat not so severe, DualToy reminds us again how attackers can use USB sideloading against mobile devices and how malware can be spread between platforms".

» SPAMfighter News - 9/20/2016
