FutureFive NZ - Fake iPhone chargers: Hacked in 60 seconds

Warning: This story was published more than a year ago.

Fake iPhone chargers: Hacked in 60 seconds

Dodgy Apple chargers could hack iOS software in less than a minute, according to an "alarming" research study released.

Researchers from America's Georgia Institute of Technology claims to have created a "malicious charger", apparently capable of bringing iOS to its knees.

"Apple iOS devices are considered by many to be more secure than other mobile offerings," the report authors Billy Lau, Yeongjin Jang and Chengyu Song wrote.

"In evaluating this belief, we investigated the extent to which security threats were considered when performing everyday activities such as charging a device.

"The results were alarming: despite the plethora of defense mechanisms in iOS, we successfully injected arbitrary software into current-generation Apple devices running the latest operating system (OS) software.

"All users are affected, as our approach requires neither a jailbroken device nor user interaction."

In an upcoming presentation at Las Vegas' Black Hat security conference, the trio will demonstrate how an iOS device can be compromised within one minute of being plugged into a malicious charger.

"We first examine Appleā€™s existing security mechanisms to protect against arbitrary software installation, then describe how USB capabilities can be leveraged to bypass these defense mechanisms," the researches claimed.

"To ensure persistence of the resulting infection, we show how an attacker can hide their software in the same way Apple hides its own built-in applications."

To demonstrate practical application of these vulnerabilities, the group built a proof of concept malicious charger, called Mactans, using a BeagleBoard.

"This hardware was selected to demonstrate the ease with which innocent-looking, malicious USB chargers can be constructed," the report read.

"While Mactans was built with limited amount of time and a small budget, we also briefly consider what more motivated, well-funded adversaries could accomplish.

"Finally, we recommend ways in which users can protect themselves and suggest security features Apple could implement to make the attacks we describe substantially more difficult to pull off."

Do you own a fake iPhone charger? Have you ever had any problems as a result? Tell us your experiences below

Interested in this topic?
We can put you in touch with an expert.

Follow Us


next-story-thumb Scroll down to read: