Apple moves to thwart iPhone charger hack

nestor e. arellano

11 years ago

If you use public charging stations for your iPhone or iPad you should take extra case, care.

Three researchers have recently demonstrated that it is possible for attackers to commandeer iOS devices with the use of bogus charging stations designed to embedded malware into an Apple phone or tablet while it is being charged.

Apple Inc. said it is working to fix a security flaw that enabled attackers to hack iPhones and iPads when the devices are plugged to a fake charging station.

The three computer scientists informed Apple about the flaw earlier this year. They also demonstrated hack Wednesday at the Black Hat hacking convention in Las Vegas.

Today, an Apple spokesperson said the company is grateful to Billy Lau, research scientists at the Georgia Institute of Technology and graduate students Chengyu Song and Yeongin Jang for their “valuable input” and said the fix to the issue will appear in the latest beta version of iOS7.

The software update is scheduled to be released this fall, so until then Apple devices will remain vulnerable to the attack.

In their demonstration, the trio plugged an iPhone to a charger which they equipped with a small Linux computer programmed to attack iOS devices. The researchers said they spent $45 on their project and worked on it for a week.

The custom-built charger infected the iPhone with a computer virus that caused the phone to dial a number of one of the researchers.

They said in a real attack, cyber criminals could develop a virus that will enable them to fully control devices. This would allow them to steal banking passwords and credit card numbers or gain access to emails, contact information or track the location of the device owner.

Read the whole story here