Proof-of-concept charger can install malware on iDevices in less than 60 seconds

By , Jun 3, 2013

iPhone charger

Unlike the malware-infested Android, Apple’s mobile platform is mostly malware-free. Little wonder that Apple prides itself with reviewing apps “to guard against malware” while asserting that other mobile platforms pose a “security risk”.

But what if malicious users could hack your iPhone via a specially built charger – and in less than a minute? That’s exactly what three researchers at the Georgia Institute of Technology claim is possible as they prep to show off a proof-of-concept charger which can be used to invisibly install malware on non-jailbroken iOS devices…

According to Forbes, the results of the experiment have been called “alarming”.

The malicious charger, called Mactans, is built around an open-source single-board computer known as a BeagleBoard, sold by Texas Instruments for a retail price of around $45.

The exploit lets an attacker hide their software “in the same way Apple hides its own built-in applications,” reads the description.

Forbes explains:

The researchers write that their attack can compromise an iOS device running the most recent version of Apple’s mobile operating system in less than a minute. They add that they can also demonstrate that the malware infection resulting from their malicious charger is persistent and tough to spot.

“This hardware was selected to demonstrate the ease with which innocent-looking, malicious USB chargers can be constructed,” the researchers write.

They contacted Apple about their findings, but have yet to hear from the company. The researchers will show off their proof-of-concept charger at the upcoming Black Hat security conference in late July.

An attacker wouldn’t necessarily need to get hold of your device in order to break into it.

For instance, a shady organization with a budget could replicate Apple’s charger and shrink a three-inch square BeagleBoard to fit inside, or even hide the board inside a third-party docking station or external battery.

And with mobile chargers increasingly popping up in places like airports, you have a recipe for a disaster (not that Apple won’t soon fix the exploit, mind you).

  • Share:
  • Follow:
  • pauleebe

    This is interesting.

    However, I can’t remember the last time I used anyone else’s charging cable.

    • Sean Cua

      The problem is with the charger not the cable.

      • http://twitter.com/aidanharris1 ✪ aidan harris ✪

        If he hasn’t used anyone else’s charger cable then it’s unlikely he’s used anyone else’s charger…

      • Sean Cua

        You can always charge using a PC or a laptop using anyone else’s charger. He could have had borrowed a cable to charge using the PC or laptop or any usb port.

    • Erny Carrillo

      U must not use ur phone as much as most ppl do. I have to charge my i5 at least 2x’s a day. When im on the road, ive used plenty of different charger n cables.

      • pauleebe

        Yea, but don’t you own these? Or do you ask random people to use their chargers?

  • Ian

    I’m sticking with Apple’s charger..

  • RarestName

    This is really scary!

  • Ricky

    Just only the jailbreak could be this sinple

  • Justin

    Wait a second… They must have modified the BeagleBone Black to be smaller, because it is currently about the same size as the Raspberry Pi (About the size of a credit card).

  • Rodney Coleman

    This is wild…. Still love apple lol

  • Ignacio Irigoyen

    While this is an issue that should be address, I do not fear for it much.
    The circumstance to get the malware are very specific, and I do not know if the distribution is cost effective.

  • Jack Wong

    Is this a joke?

    But I charge the phone with a computer 50% of the time and the other 50% I use the original charger at home.

  • Muhammad

    Imagine, just plug in your charger and phone is jailbroken, I can only dream

  • Amad

    I can’t see this effecting many people. If it does just restore your phone.

  • Mykel Monroe

    Reminds me of the old Pandora battery for the PSP. I think that’s what it was called…

  • Joseph

    Android is malware-infested my ass. A few rogue apps occasionally appear on the market, sure, but they’re promptly removed. The same thing happens to the iOS App Store, too. The only other method would be to visit an unsafe site targeting Android (illegal APK download sites), or installing untrustworthy APKs. You all submit yourself to the exact same risk when you jailbreak or use an app like vShare or AppCake.

    • Fraz

      Although I hate to admit it but he’s right :P

      • Joseph

        I knew I’d get dislikes for that comment, simply because I’m saying that iOS still has vulnerabilities.

        Grow up, people.

      • endinyal

        Nonsense. iOS has its issues too and rogue apps have been known to get pass Apple’s walled-garden. No one disputes that.

        However, you’re implying that iOS and Android are on-par in terms of vulnerabilities and you’re flat-out wrong. Android does not have a just a “few rogue apps” to worry about. The inherent “open” nature of Android that you folks are so happy to advertise is also its achilles heel.

        Android’s model does have serious problems when it comes to security. Accept it, and move on. Why is it most established institutions rely on iOS instead of Android? Because the security threat is so much lower to almost non-existent on iOS.

        Why try spinning the truth?

        This new security exploit is only a proof-of-concept. No one can really do anything on it an a mass level (yet) and the current pricing of parts is cost-prohibitive. Apple will certainly resolve it.

        Just let it go.

  • TekNoah

    This could be a big deal especially with the DoD adopting iOS. If ATMs can be used to get peoples bank card info public charging stations could easily be compromised and used to steal PII.

  • Bob

    It’s kind of counter-productive if they tell the whole world about their findings, which in the end leads to more exposure and is therefore more likely to be attempted by thieves, hackers, identify theft syndicates, etc.

  • Gorgonphone

    umm why dont they work on jailbreaking IOS 6.1.4 instead..????

    • Vitaliy Anonymous

      Because that would be a HUMONGOUS waste of effort (note the word HUMONGOUS). Finding vulnerabilities that allows you to have jailbreaks is like finding a needle in a haystack. Now if you look at the previous jailbreak, it required 5 vulnerabilities to have one jailbreak. Four of those vulnerabilities were fixes. It took them more than two months to get them. Now with all that effort, I HIGHLY doubt that the hackers would focus on a minor update and burn the vulnerabilities that could be used for an iOS7 jailbreak.

  • Adam Bowman

    “…charger which can be used to invisibly install malware on non-jailbroken iOS devices…”

    I don’t understand…. Is this suggesting that a jaibroken device can’t fall victim to this malware?

  • marco1993

    This just emphasises the fact that we need to buy apple cables and chargers while pointing out security flow to Apple
    Its a win-win situation for Apple

  • smtp25

    Why is no one asking why malware (unsigned code) is allowed to run on a non-JB device? surely this is the holy grail?