Android may be the most popular mobile platform for malware -- it’s an easy choice for hackers, considering it’s the largest (in terms of market share), most open and least secure -- but Apple’s iOS, despite being completely malware-free, is not completely devoid of security vulnerabilities (see: jailbreaking).
While malware has never infected the iPhone, researchers at the Georgia Institute of Technology have devised a way to hack Apple’s iOS devices, including iPhones and iPads, by using a modified charger. “Apple iOS devices are considered by many to be more secure than other mobile offerings. In evaluating this belief, we investigated the extent to which security threats were considered when performing everyday activities such as charging a device,” the researchers wrote in a blog post on the Black Hat conference event page, which will be held from July 27 to Aug. 1.
“The results were alarming: Despite the plethora of defense mechanisms in iOS, we successfully injected arbitrary software into current-generation Apple devices running the latest operating system [OS] software. All users are affected, as our approach requires neither a jailbroken device nor user interaction.”
Billy Lau, Yeongjin Jang and Chengyu Song demonstrated how an iOS device could be compromised in just one minute after being plugged into a “malicious” device charger. By examining how Apple’s current security measures protect against software installation, the research team discovered how the capabilities of the USB cord, which connects iOS devices to their power source, can be “leveraged to bypass these defense mechanisms,” even hiding them in the software in the same way Apple hides its many built-in applications.
Researchers created a proof of concept malicious charger called Mactans, which was built using a BeagleBoard -- an open-source single-board computer built by Texas Instruments (similar to Raspberry Pi). “This hardware was selected to demonstrate the ease with which innocent-looking, malicious USB chargers can be constructed,” the researchers said. “While Mactans was built with limited amount of time and a small budget, we also briefly consider what more motivated, well-funded adversaries could accomplish.”
While the Mactans charger can easily install malware into iOS devices, it’s not ready for commercialization just yet; the credit card-size Mactans cannot fit the regular iPhone or iPad charger casing and would need to be scaled down to do so. But the security team was also kind enough to recommend ways for users to protect themselves against these kind of attacks, as well as what measures Apple could implement in future versions of iOS to better preserve the software infrastructure. The researchers plan to demonstrate the Mactans charger hacking iOS devices at the Black Hat security conference in July. Follow Dave Smith on Twitter