Slashdot Mirror


iPhone Hacked In Under 60 Seconds Using Malicious Charger

DavidGilbert99 writes "Apple's iOS has been known as a bastion of security for many years, but three researchers have now shown iPhones and iPads can be hacked in just under 60 seconds using nothing more than a charger. OK, so it's not just a charger — but the Mactans charger does delete an official app (say Facebook) replacing it with an official-looking one which is actually malware which could access your contacts, messages, emails, phone calls and even capture your passwords. Apple says it will fix the flaw, but not until the release of iOS 7, the date of which hasn't been confirmed yet. So watch out for chargers left lying around ..." (For less in the way of auto-playing video ads with sound, check out the Mac Observer's take, which concludes "[I]t's nifty that Apple is addressing the issue in iOS 7. We'd also like to see it fixed in iOS 6. Apple has historically seen iPhone users upgrade to the newest version iOS in staggeringly high numbers, but eliminating this problem across the board seems the wiser choice.")

3 of 170 comments

  1. Re:Why can't Iphone / ipad have usb port for charg by The MAZZTer · Score: 5, Informative

    That wouldn't solve the problem? USB chargers on Android can install apps and transfer files either way if the device has USB debugging enabled. If iPhones used USB the data protocols wouldn't be changed and would have the same capabilities...

  2. Re:Jailbreak exploit opportunity by AlreadyStarted · Score: 5, Informative

    The "modified charger" they describe is in fact a computer.

  3. Re:Why can't Iphone / ipad have usb port for charg by Anonymous Coward · Score: 5, Informative

    iOS uses signing too. The hack described here reads the phone's UID, signs it with an Apple dev key, and then pushes it to the phone. It requires communication with Apple servers and can be used on at most 100 devices before it's automatically disabled.

    It's a slightly different style of attack than would be used on Android phones, but in terms of public vulnerability it's not really a different threat level.