Apple Users Warned of Charger Security Threat
If you thought your iPhone or iPad was relatively safe from being hacked, think again – researchers at Georgia Institute of Technology say they have found a way to infect them with malware using a simple-to-make USB charger.
The researchers – Billy Lau, Yeongjin Jang and Chengyu Song – are due to discuss their “alarming” findings at the Black Hat conference in Las Vegas next month. A summary of their talk is now on the conference web site.
They note that many people consider Apple iOS devices to be more secure than other mobile offerings, and say: “In evaluating this belief, we investigated the extent to which security threats were considered when performing everyday activities such as charging a device. The results were alarming: despite the plethora of defense mechanisms in iOS, we successfully injected arbitrary software into current-generation Apple devices running the latest operating system software. All users are affected, as our approach requires neither a jailbroken device nor user interaction.”
The researchers say they built their own proof-of-concept charger, which they called a Mactans after a species of deadly black widow spider, using a BeagleBoard open-hardware computer. “This hardware was selected to demonstrate the ease with which innocent-looking, malicious USB chargers can be constructed.,” they say.
“We demonstrate how an iOS device can be compromised within one minute of being plugged into a malicious charger. We first examine Apple’s existing security mechanisms to protect against arbitrary software installation, then describe how USB capabilities can be leveraged to bypass these defense mechanisms. To ensure persistence of the resulting infection, we show how an attacker can hide their software in the same way Apple hides its own built-in applications.”
The researchers say they built their Mactans quickly and cheaply, and add: “We also briefly consider what more motivated, well-funded adversaries could accomplish.” They say they also we recommend ways in which users can protect themselves and suggest security features Apple could implement to make the attacks they describe substantially more difficult to implement.
Lau’s profile on the Black Hat site says “he loves to challenge the status quo on conventional security assumptions which are often broken when put to test.”