Hackers Install Malware on iPhone With Malicious Charger
June 3, 2013 3:36 PM
comment(s) - last by
Black Hat conference demonstration shows a fresh route to subverting the popular iPhone
Apple, Inc.'s (
) popular smartphone, the iPhone, has had its
fair share of security struggles in the past
. Researchers are preparing to unveil in a few months a new iOS exploit at the annual
Black Hat security conference
-- to be held Sept. 10-12 in Las Vegas, Nev. The attack, like some past hacks, relies on flaws in transfer protocols in the joint proprietary data/charging USB connector. The researchers give things a new twist, though, demonstrating how this can be baked into a third party microcontroller, allowing for malicious peripherals.
The physical attack was developed by a trio of security researchers at the
Georgia Institute of Technology
-- post-doctoral researcher
, Ph.D candidate
, and Ph.D candidate
. The "alarming" the physical-type attack is described in
[D]espite the plethora of defense mechanisms in iOS, we successfully injected arbitrary software into current-generation Apple devices running the latest operating system (OS) software. All users are affected, as our approach requires neither a jailbroken device nor user interaction.
In this presentation, we demonstrate how an iOS device can be compromised within one minute of being plugged into a malicious charger. We first examine Apple’s existing security mechanisms to protect against arbitrary software installation, then describe how USB capabilities can be leveraged to bypass these defense mechanisms. To ensure persistence of the resulting infection, we show how an attacker can hide their software in the same way Apple hides its own built-in applications.
To demonstrate practical application of these vulnerabilities, we built a proof of concept malicious charger, called Mactans, using a BeagleBoard. This hardware was selected to demonstrate the ease with which innocent-looking, malicious USB chargers can be constructed. While Mactans was built with limited amount of time and a small budget, we also briefly consider what more motivated, well-funded adversaries could accomplish. Finally, we recommend ways in which users can protect themselves and suggest security features Apple could implement to make the attacks we describe substantially more difficult to pull off.
The researchers seem to draw the name of their malicious charger from the scientific name for the iconic Southern Black Widow spider,
. The hack isn't very price -- the BeagleBoard used is a Texas Instruments, Inc. (
) development product which retails for around $45 USD.
The attack uses a TI Beagle Board. [Image Source: Julien Ponge]
The last major exploit found in the USB data transfer layer involved flaws in the backup processes. This allowed the
published in February
to jailbreak iOS devices. Apple patched the flaw -- which could also be exploited for malicious purposes --
in the iOS 6.1.3 update
that aired a month later in March.
The attack reportedly works on both the old and new style proprietary iPhone connectors, as it is firmware based. The attackers suggest that the supporting circuitry for the attack could be hidden in an external charger or battery, giving buyers of a malicious product a nasty surprise -- a hacked iPhone. And a more sophisticated attacker could miniaturize them into even smaller form factors like cables.
The researchers contacted Apple about their findings but were rewarded with silence,
Apple is notorious for a
belligerent stance towards security professionals
sluggish patching pace
for security flaws
, with some security firms suggesting it is
ten years behind Microsoft
) in terms of security.
Black Hat conference [abstract]
This article is over a month old, voting and posting comments is disabled
Good and bad
6/4/2013 3:51:00 PM
I think it would be pretty tricky for someone to hack a public USB charging station, and most of the time you use a normal power outlet with your own charger.
On the other hand, it would be nice if a Jailbreak team can make use of this so the latest iOS can be Jailbroken. I'm stuck at version 6.1 for now (althoughI haven't had any issues with it).
"It seems as though my state-funded math degree has failed me. Let the lashings commence." -- DailyTech Editor-in-Chief Kristopher Kubicki
Apple iOS 6.1.3 Update Will Terminate Evasi0n Jailbreak
February 26, 2013, 10:23 AM
Evasi0n iOS 6.x Jailbreak Downloaded 800,000 Times in First 6 Hours
February 5, 2013, 5:49 PM
Quick Note: Untethered Jailbreak for iOS 6.x Released
February 4, 2013, 2:23 PM
Apple Takes 3 Months But Finally Stops Printing Passwords in Plaintext
May 9, 2012, 5:20 PM
Kaspersky Labs: Apple's Security 10 Years Behind Microsoft
April 26, 2012, 7:39 AM
Chromebooks Expected to See Sales Grow 26 Percent to 7.3 Million Units This Year
May 22, 2015, 1:26 PM
Apple Finally Updates 15" MacBook Pro w/ Force Touch; 5K iMac Gets Price Cut
May 20, 2015, 1:45 PM
LG G4's International Rollout Begins; Pint-Sized G4c, High-End G4 Stylus Trot Out
May 19, 2015, 12:54 AM
President Obama Posts His First "Personal" Tweet to Twitter Via an iPhone
May 18, 2015, 4:38 PM
Microsoft Bricks the Xbox Ones of Gears of War Testers Responsible for Leaks
May 14, 2015, 5:26 PM
Windows 10 Mobile Build 10080 is Available for New Phones, Brings Office Preview
May 14, 2015, 2:53 PM
Most Popular Articles
America's Largest Cable Company, Comcast, Sees Internet Subscriptions Pass TV
May 4, 2015, 2:46 PM
Can id Software's Doom Find Its Way Out of a 7+ Year Development Hell?
May 19, 2015, 7:38 PM
Oculus Rift Confirms "Pause" in OS X, Linux Development, Some Devs are Mad
May 18, 2015, 11:36 PM
The Pirate Bay Loses Its Iconic Swedish Dot SE Domains
May 20, 2015, 6:31 PM
In-Depth: Apple's ~$1B Court Victory Over Samsung to be Cut up to a Third
May 18, 2015, 9:20 PM
Latest Blog Posts
Sceptre Airs 27", 120 Hz. 1080p Monitor/HDTV w/ 5 ms Response Time for $220
Dec 3, 2014, 10:32 PM
Costco Gives Employees Thanksgiving Off; Wal-Mart Leads "Black Thursday" Charge
Oct 29, 2014, 9:57 PM
"Bear Selfies" Fad Could Turn Deadly, Warn Nevada Wildlife Officials
Oct 28, 2014, 12:00 PM
The Surface Mini That Was Never Released Gets "Hands On" Treatment
Sep 26, 2014, 8:22 AM
ISIS Imposes Ban on Teaching Evolution in Iraq
Sep 17, 2014, 5:22 PM
More Blog Posts
Copyright 2015 DailyTech LLC. -
Terms, Conditions & Privacy Information