Printed from http://www.electronista.com

Researchers claim modified charger can hack iOS devices in one minute

updated 08:49 am EDT, Mon June 3, 2013

Proof of concept attack hardware uses $45 computer, USB

Security researchers have unearthed a method that can add software to an iOS device using a charger. Researchers from the Georgia Institute of Technology will reportedly demonstrate a proof-of-concept charger at the Black Hat security conference in late July that will be capable of installing malware onto an iPhone without the user's knowledge.

The presentation briefing from Billy Lau, Yeongjin Jang, and Chengyu Song claims that the iOS device being charged could be compromised within one minute of being plugged in, and that the resulting software installed could be hidden from view in a similar way to how Apple hides some of its own built-in software items.

In order to demonstrate the USB-based attack's effectiveness, the researchers have constructed a charger using a BeagleBoard, a low-power and open source single-board computer from Texas Instruments that costs $45, which the team calls Mactans. While the resulting hardware would be significantly bigger than the typical Apple charger, thanks to the BeagleBoard's size, it is suggested by the team that someone with more time and funding could end up making a more efficient and well-disguised version.

It is warned that "All users are affected, as our approach requires neither a jailbroken device nor user interaction," including ones running the latest iteration of iOS. Speaking to Forbes, Jang confirmed that the team had contacted Apple with their findings, but has yet to hear anything back. Jang also refused to comment further on the hack.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

  1. robttwo

    Fresh-Faced Recruit

    Joined: 11-15-05

    And let me hold you iOs device for a minute and I can add software to it as well.
    In fact, I can also smash the screen, run over it with a car, and drop it from the Empire State building.

    So, beware.

  1. Grendelmon

    Mac Enthusiast

    Joined: 12-26-07

    Actually

    robttwo, you don't understand the possibilities. Just like thieves installing card readers at gas pumps to steal credit card numbers, I envision the possibility of someone installing these at public USB charge stations at places such as airports, bus stops, etc. Not good. Hopefully Apple squashes this security hole ASAP.

  1. BLAZE_MkIV

    Professional Poster

    Joined: 02-23-00

    The public charging stations have should just have power ports, anyone stupid enough to plug it into an unknown USB port deserves it. I wonder if this would work through a USB hub?

  1. b9bot

    Fresh-Faced Recruit

    Joined: 12-22-08

    First you have to swap my charger for a hacked one. Second you have to break into my house. Third you need to make that technology much smaller to fit inside the existing Apple charger. Fourth you have to get my iPhone which is always in my pocket. Fifth the whole idea of this seems a little extreme unless you are some sort of spy from 007. I always carry my own chargers with me when I travel so again you have to be some kind of pick pocket to swap my charger in order for any of this to work. Right now I'm very confident that this is a very, very, very, very, low threat. I'm also confident that this would also work on Android phones easier than it would on any iPhone since Android software is 99% infected with malware already.

  1. hayesk

    Professional Poster

    Joined: 09-17-99

    "All users are affected, as our approach requires neither a jailbroken device nor user interaction"

    Well, in effect, it is using the same method as jailbreakers use to jailbreak iOS devices.

  1. daqman

    Junior Member

    Joined: 09-15-00

    It is the phrase ""All users are affected" that I take objection to. Many people including myself and others who posted here do not use any charger other than one that they own and bought directly from Apple.
    While they are important these overreaching scare tactic announcements are nothing more than advertising for the group that makes them.

  1. The Vicar

    Junior Member

    Joined: 07-01-09

    Actually, this is pretty bad. You could build a much more efficiently-spaced version which would look just like an actual Apple charger; it wouldn't even have to actually charge. Then you just look for opportunities to swap your fake for people's real chargers. Once you do, you don't have to do anything further -- sooner or later, the person will try to "charge", and your malware is installed. If you left out power from your fake, they will just decide the charger has gone bad and throw it away. And then they have malware, which presumably can contact you over the Internet the next time there's a connection, so you don't even have to meet up with the person again.

    So yes, this is pretty serious. You'd think Apple would require you to unlock to upload software -- they require you to unlock to transfer files to and from the dropbox, after all.

  1. daqman

    Junior Member

    Joined: 09-15-00

    Oh, and another thing, look at the electronics that are used to implement the demo device. To reduce it to a size that would fit into the same footprint as a functional charger and still fit inside the little white cube in a way that would not rouse suspicions would be quite costly. I do not see a significant easy return on investment that would justify the cost of putting many of these out in the wild. Hacking ATMs has an immediate cash return, hacking random iPhones has the possibility of something salable turning up but that has to be weighed agains the cost of implementation and the penalty for detection. I suspect this is not worth the effort unless you have a particular target in mind.

  1. bjojade

    Fresh-Faced Recruit

    Joined: 06-07-07

    Finding USB charging stations is becoming quite commonplace. Airports are one where you'll find a ton of USB chargers, especially when flying internationally. With those devices, size isn't really much of an issue. It's definitely a security risk if simply plugging into a charger will allow software to be installed on an otherwise locked phone.

    I'm surprised nobody has done this before.

  1. Arne_Saknussemm

    Forum Regular

    Joined: 04-05-11

    Yet one more reason replaceable batteries are just the thing to have with you when traveling.

    No need to find an outlet, carry a charger or even wait.

    Just swap the dead one for a fresh one, and you are back in business.

  1. The Vicar

    Junior Member

    Joined: 07-01-09

    @Arne_Saknussemm

    You don't even need replaceable batteries. There are plenty of external power packs for iOS devices. But it's still not as good as bringing a charger; carrying an extra battery just means you can go somewhat longer without a dead device, whereas having a charger means you usually can avoid a dead device entirely.

  1. aristotles

    Grizzled Veteran

    Joined: 07-16-04

    Just carry your own charger that came with the iOS device and charge it from a regular wall socket.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lacking ...

Sponsor

toggle

Most Commented

 
toggle

Popular News