It might pay to be more careful about where you juice up your phone — because a team of researchers from the Georgia Institute of Technology have put together a prototype charger capable of installing malware onto an iPhone.
The research, which is to be presented at the Black Hat security conference in late July and was spotted by Forbes, was born out of the idea of creating innocent-looking devices which could be used to hack phone. Describing their findings as "alarming", the researchers explain:
"Despite the plethora of defence mechanisms in iOS, we successfully injected arbitrary software into current-generation Apple devices running the latest operating system (OS) software... All users are affected, as our approach requires neither a jailbroken device nor user interaction.”
Their charger, Mactans — that's another name for the Black Widow spider — uses a small onboard computer to perform its underhand duties. In fact it's based on a Texas Instruments BeagleBoard, which retails at £30-odd. While the resulting charger measures three inches square — bigger than your average power supply — it's still a worrisome proof of concept which could easily be squeezed into a smaller form factor if required, just at higher cost.
Details are — fortunately! — scant about exactly how the device works, but the researchers claim that it can compromise iOS in under a minute, and that the malware infection is persistent and tough to spot. So, think twice about what your plug your phone into. [BlackHat via Forbes]
Image by Digitalnative under Creative Commons license