Ride the Lightning

Any iOS Device Can be Hacked in Under a Minute

June 4, 2013

I've admired the security researchers at the Georgia Institute of Technology for some time – their password cracking research several years ago was brilliant.

So it comes as no surprise that Geek.com is reporting that these researchers have succeeded in building a proof-of-concept charger that can hack any iOS device in roughly a minute – even if it has the latest software version. They will display their findings (where else?) at the upcoming Black Hat hacker conference in July.

Who would have thought that something as unassuming as a charger port could be such a vulnerability?

The team will explain that the way iOS handles USB connections makes it vulnerable to exploitation. Using the custom prototype charger, the researchers managed to push arbitrary code onto iOS devices in seconds. What this means is that you could plug, for instance, your iPhone into a rigged charger and it could be either jailbroken or infected with malware. If they infect the device, to ensure persistence of the infection, the researchers will show how an attacker can hide their software in the same way Apple hides its own built-in applications.

The proof-of-concept charger has been dubbed “Mactans”, and is based on a BeagleBoard mini-computer. The BeagleBoard is a low-power open source hardware platform costing about $35-$40 online so price is not an impediment to hackers.

I suspect that we'll hear much more in July.