Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Infect iOS Devices With Malware Via Malicious Charger

Posted by timothy on from the nobody-wants-some-iphone-with-a-social-disease dept.

Sparrowvsrevolution writes "At the upcoming Black Hat security conference in late July, three researchers at the Georgia Institute of Technology plan to show off a proof-of-concept charger that they say can be used to invisibly install malware on a device running the latest version of Apple's iOS. A description of their talk posted to the conference website describes how they were able to install whatever malware they wished on an Apple device within a minute of the user plugging it into their malicious charger, which they're calling 'Mactans' after the scientific name of a Black Widow spider. The malware-loaded USB plug is built around an open-source single-board computer known as a BeagleBoard, sold by Texas Instruments for a retail price of around $45. The researchers have contacted Apple about their exploit but haven't heard back from the company and aren't sharing more details of their hack until they do."

3 of 201 comments (clear)

  1. Re:Physical Access by slim · · Score: 5, Insightful

    GP has already provided you with a potential scenario - presumably the chargers Vodafone fitted in London taxis were a USB socket and/or an iPod dock mounted in the passenger section of the taxi. The BeagleBoard could be anywhere in the taxi.

    Plus, it's a proof of concept. It could certainly be miniaturised.

    I doubt that any other smartphone OS is immune to this kind of attack, however.

  2. Re:Physical Access by fredprado · · Score: 4, Insightful

    The prototype being based in a big developer board means nothing. The exploit could be easily replicated in smaller boards that would fit just fine in regular chargers.

  3. Re:Physical Access by gmack · · Score: 4, Insightful

    This is not an "open the device and latch on to some henceforth unprotected internal signal" attack vector. Attaching the phone to someone else's charger is not unusual behavior.

    It's based on a BeagleBoard, which is larger than a business card. It's going to be tough to fool people into using a charger that looks like it swallowed half your iPhone.

    Sure they will. In Spain there are charging kiosks with coin slots and cables going somewhere you can't see them and people use those all of the time. You forget that in most public charging situations you don't want just anyone to be able to unplug the thing and walk away with it.