Wednesday, 5 June 2013

Your iPhone Could Be Poisoned by Its Charger

 Ever loan or borrow an iOS charger? You might want to think twice before doing so in the future, as a group of researchers have figured out how to modify chargers to load malware onto iOS devices in less than a minute. The researchers will describe how USB capabilities can be leveraged to bypass Apple's security mechanisms at Black Hat USA 2013 this summer.

 

 Researchers at the Georgia Institute of Technology have developed a way to hack into iOS devices through a modified charger.
Billy Lau, a research scientist at the institute, together with two Ph.D. students, will present a paper on this at Black Hat USA 2013, to be held in Las Vegas July 27 through Aug. 1.
It took only 1 minute for an iOS device to be compromised after being plugged into a malicious charger. All users potentially could be affected because the team's approach doesn't require jailbreaking the device and does not involve any user interaction.
"Many people with iOS devices don't put antivirus on their devices because they believe they're less likely to be infected," Julien Blin, a directing analyst at Infonetics, told MacNewsWorld. "That's a misconception in my opinion, and that's an opportunity for hackers."
Apple did not respond to our request to comment for this story.

 

The Evil That Chargers May Do

The researchers built a proof-of-concept malicious charger they call "Mactans." For this, they used a Beagleboard, which is basically a Linux PC a tad larger than a credit card.
The researchers will describe how USB capabilities can be leveraged to bypass Apple's security mechanisms, and will show how attackers can hide their software in the same way Apple hides its own built-in applications to avoid detection.

Apple devs use Xcode to build OS X and iOS applications.
Mactans was built with constraints on time and budget, and the researchers will discuss briefly what hackers with better funding and more time might be able to do with the concept of poisoning chargers.
They will also recommend ways users might protect themselves, and suggest security features Apple could implement to help make such attacks more difficult.
The Georgia Institute of Technology's Billy Lau was not immediately available to provide further details. 

For more detail: Visit Here
 
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)