Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Black Hat: Researchers Use iPhone Charger As Hacking Tool

Charging your iPhone just got a bit riskier.

LAS VEGAS – At Black Hat USA Wednesday in Las Vegas, a trio of researchers from The Georgia Institute of Technology demonstrated how to abuse USB functionality of Apple iPhones to compromise the device. Using a Beagleboard, the researchers built a proof-of-concept malicious charger they refer to as Mactans.

Charging your iPhone just got a bit riskier.

LAS VEGAS – At Black Hat USA Wednesday in Las Vegas, a trio of researchers from The Georgia Institute of Technology demonstrated how to abuse USB functionality of Apple iPhones to compromise the device. Using a Beagleboard, the researchers built a proof-of-concept malicious charger they refer to as Mactans.

“After pairing, Mactans can do anything that can be done through the USB connection,” said Yeongjin Jang, a PhD student at Georgia Tech who was joined on stage with fellow researchers Billy Lau and Chengyu Song.

That includes creating a developer provisioning profile and adding applications onto the device without the user’s permission. To do this, the researchers had to first steal the UDID [unique device identifier] for the device, which Jang described as “trivial.” Once the new provisioning profile is created and deployed on the phone, a malicious application can be loaded by the attacker.

In the case of their demo, they replaced a legitimate version of the Facebook app with a malicious one that they secretly loaded onto the phone in roughly a minute. Though Jang explained that the app is still sandboxed, it can still call private APIs and be used for a number of nefarious tasks, including taking screenshots of the victim’s password as it is being entered or even placing telephone calls at the behest of the attacker.

There are a few possible attack scenarios for Mactans, explained Lau. For example, USB outlets in airports or hotels could be targeted. In addition, state-sponsored attackers that are well-financed could build a device that looks like a regular charger but actually is malicious, he said.

The device does not need to be jailbroken for Mactans to work. However, if the device is locked while it is charging, the Mactans attack will not work, according to Jang.

Following the disclosure of the attack, Apple implemented a feature in iOS7 to notify users when they plug in any USB device that attempts to establish a data connection. 

Advertisement. Scroll to continue reading.
Written By

Marketing professional with a background in journalism and a focus on IT security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Edge Delta has appointed Joan Pepin as its Chief Information Security Officer.

Vats Srivatsan has been appointed interim CEO of WatchGuard after Prakash Panjwani stepped down.

Network security policy management firm FireMon has appointed Alex Bender as Chief Marketing Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.