03 Jun 2013
iPhones can be hacked in one minute with a malicious charger, according to researchers at the Georgia Institute of Technology. The security experts plan to present the proof-of-concept device at the Black Hat conference in July. The ‘Mactans’ charger may be used to install malware on a device running the latest version of Apple’s iOS.
“The results were alarming: despite the plethora of defense mechanisms in iOS, we successfully injected arbitrary software into current-generation Apple devices running the latest operating system (OS) software,” researchers said. “All users are affected, as our approach requires neither a jailbroken device nor user interaction.”
Malicious USB chargers can be constructed out of an open-source single-board computer known as a BeagleBoard, which can be bought for around $45. “While Mactans was built with limited amount of time and a small budget, we also briefly consider what more motivated, well-funded adversaries could accomplish,” researchers said.
The paper also describes how USB capabilities can be leveraged to bypass Apple security measures. The team had contacted Apple about the exploit, but got no answer, according to Forbes. Researchers aren’t yet sharing all details of their experiment.
Proof-of-concept malware is regularly presented at security conferences. In November last year, an IT security consultant developed for the MalCon conference in New Delhi an application that can hijack smartcard readers.