Replication Through Removable Media (T1091)

View on ATT&CK

In Playbook

Technique & Subtechniques

  • Replication Through Removable Media

Associated Tactics

  • Lateral Movement
  • Initial Access

Lateral Movement (TA0008)

The adversary is trying to move through your environment. Lateral Movement consists of techniques that adversaries use to enter and control remote systems on a network. Following through on their primary objective often requires exploring the network to find their target and subsequently gaining access to it. Reaching their objective often involves pivoting through multiple systems and accounts to gain. Adversaries might install their own remote access tools to accomplish Lateral Movement or use legitimate credentials with native network and operating system tools, which may be stealthier.

View on ATT&CK

Procedure Examples

Description Source(s)
Lucian Constantin. (2014, January 23). Windows malware tries to infect Android devices connected to PCs. Retrieved May 25, 2022. Windows Malware Infecting Android
Zack Whittaker. (2019, August 12). This hacker’s iPhone charging cable can hijack your computer. Retrieved May 25, 2022. iPhone Charging Cable Hack
Zhaohui Wang & Angelos Stavrou. (n.d.). Exploiting Smart-Phone USB Connectivity For Fun And Profit. Retrieved May 25, 2022. Exploiting Smartphone USB