Researchers have found a new flaw in the iOS ecosystem that lets them inject malware onto any iOS device using a modified charger. The flaw was discovered by a team of 3 researchers, Billy Lau, Yeongjin Jang and Chengyu Song, who have claimed that this mechanism works on the latest version of iOS.
The researchers will be demonstrating their technique to inject malware onto iOS devices during the Black Hat security conference, which is going to be held later this year. They claim that any iOS device can be hacked in less than a minute using this technique.
Detailing how they have achieved this, the researchers said, “To demonstrate practical application of these vulnerabilities, we built a proof of concept malicious charger, called Mactans, using a BeagleBoard. This hardware was selected to demonstrate the ease with which innocent-looking, malicious USB chargers can be constructed. While Mactans was built with limited amount of time and a small budget, we also briefly consider what more motivated, well-funded adversaries could accomplish.”
The researchers claim that they have figured out a way to bypass Apple’s existing security mechanisms, which protect its devices against arbitrary software installation, through a USB connection. They went on to say that they also discovered a flaw that lets an attacker hide malicious applications so they don’t show up on a device’s app list.
Usually, all iOS devices are sandboxed and only install signed apps from certified sources, so it will be interesting to see how the researchers found a workaround to this. Also, the fact that this hack does not require any user attention means that all iOS devices, whether jailbroken or not, will be at risk. Yeongjin Jang has mentioned in an interview that he has notified Apple of the flaw. BeagleBoard, the hardware the team says it used, is a tiny low-cost board that runs Debian and is the size of a credit card.
Source: Black Hat