Attack PC via USB Connection

With escalated privileges, an adversary could program the mobile device to impersonate USB devices such as input devices (keyboard and mouse), storage devices, and/or networking devices in order to attack a physically connected PC[1][2] This technique has been demonstrated on Android. We are unaware of any demonstrations on iOS.

ID: T1427
Sub-techniques:  No sub-techniques
Tactic Type: Post-Adversary Device Access
Platforms: Android
MTC ID: PHY-2
Version: 1.1
Created: 25 October 2017
Last Modified: 03 February 2019

Mitigations

ID Mitigation Description
M1001 Security Updates
M1006 Use Recent OS Version
M1011 User Guidance

Advise users to only connect mobile devices to PCs when a justified need exists (e.g., mobile app development and debugging).

References