Apple iOS devices vulnerable to attack when connected to tiny $45 PC shaped like a wall charger

“Apple iPhones can be taken over with ‘alarming’ ease using a custom-built charger, security researchers warn,” BBC News reports.

“Using the bogus charger, a team from Georgia Institute of Technology managed to infect a phone with a virus in less than a minute,” The Beeb reports. “Any device using Apple’s iOS operating system would be as vulnerable to infection, claim the trio. More details of their work will be given at the upcoming Black Hat USA hacker conference.”

The Beeb reports, “The team created their malicious charger using a tiny bare-bones computer called a BeagleBoard that costs about £30 ($45). ‘This hardware was selected to demonstrate the ease with which innocent-looking, malicious USB chargers can be constructed,’ wrote the researchers in their conference summary… The presentation will also make recommendations about how Apple could close the vulnerability uncovered by the team.”

Read more in the full article here.

MacDailyNews Take: Interesting, but at 45-bucks a pop, and requiring the attacker to convince targets to use them, it’s hardly cost-effective for a widespread attack. If you hook just about anything up to a computer, whether it’s shaped like a wall charger or not, there likely will be the potential for security issues.

As always, Apple will correct whatever conduit this thing is using if it’s deemed necessary, which is ostensibly why these hacker conventions exist.

If this is the type of tortured, convoluted stuff that hackers are forced to come up with in order to get into an Apple device (having to shape a PC like something else and get users to plug their devices into them) iOS’ security will remain the gold standard for many years to come.

[Thanks to MacDailyNews Reader “Boris K” for the heads up.]

Related articles:
99.9% of new mobile malware targets Android phones – May 30, 2013
Mobile malware exploding, but only for Android – May 14, 2013
Mobile malware: Android is a bad apple – April 15, 2013
F-Secure: Android accounted for 96% of all mobile malware in Q4 2012 – March 7, 2013
New malware attacks Android phones, Windows PCs to eavesdrop, steal data; iPhone, Mac users unaffected – February 4, 2013
FBI issues warning over Android malware attacks – October 15, 2012
Researchers discover serious flaw in Android app security, say HTC and Samsung ignore issue – September 28, 2012
Apple’s iPhone has passed a key security threshold – August 13, 2012
Android permissions flaw allows eavesdropping, data theft, location tracking – December 2, 2011
Massive HTC Android security flaw leaves security expert speechless – October 2, 2011
Apple’s iOS unaffected by malware as Android exploits surge 76% – August 24, 2011
Android malware records phone calls; iPhone users unaffected – August 2, 2011
Symantec: Apple iOS offers ‘full protection,’ Google Android ‘little protection’ vs. malware attacks – June 29, 2011
Malware apps spoof Android Market to infect Android phones – June 21, 2011
Google forced to pull several malware-infested apps from Android market – June 8, 2011
Android malware sees explosive growth; even faster than with PCs – April 27, 2011
Virus-laden apps infest Google’s ‘open’ Android platform; iPhone unaffected – March 3, 2011
Security firm warns of new Android trojan that can steal personal information; iPhone unaffected – December 30, 2010
Trojan infects Android smartphones; iPhone unaffected – August 10, 2010
Millions of Android phone users slammed by malicious data theft app – July 29, 2010
Unlike proactive Apple, reactive Google doesn’t block malware from Android app store – June 4, 2010
Malware designed to steal bank information pops up in Google’s Android app store – January 11, 2010

34 Comments

    1. I’m not 100% sure about that but if I remember well it’s a little bit more difficult as you need physical access to the phone to start it in developer or debug mode.

      It’s very easy to achieve if you have the phone 5 seconds in your hand but gives a little bit more safety for random attacks through a “public charging station”

      That said… It’s not a very big threat, but I think Apple should correct this vulnerability ASAP. Now the vulnerability has gone public there could be some self-proclaimed hackers that could try to put “free charging stations” in public places.

    2. And what does one have to do to infect an Android phone?

      Toss your malware up on any of the Android app sites and give it a sweet name to attract flies. Within days you’ll have potentially infected 10s of thousands of Android settlers. It’s seriously THAT EASY.

      Android malware continues to spiral exponentially in number. Android malware consists of over 99% of all current smartphone malware. Enjoy your ScamStung iPhone and iPad-wannabes kids, while you can.

  1. It’s not really a charger though is it? It’s a charger in the same way that a Mac is a charger, it can supply power, but ultimately it’s a computer. It may be disguised as a charger, but ultimately it’s not official so if you’re going to plug your phone into some stranger device you have to be aware of the risk, plus it’s hardly going to cause widespread problems. If this was the only way of hacking your device it’d be the least of anyone’s problems.

  2. I’m going to go out on a limb here and say that just about anything can be hacked with custom designed, purpose-built hardware. Why this is surprising or newsworthy is beyond me.

    1. Why this is surprising or newsworthy is beyond me.

      1) Apple bashing is perennial. Rain or shine, success or actual failure.

      2) Because Apple’s devices and operating systems are innately more secure (yes they are trolls!) this causes great ire and generates endless FUD from those who suffer with less secure systems.

      There is no such thing as perfect security. Flaws are regularly found in OS X, QuickTime, Webkit, etc. I used to have a reflex hate response to snarky hackers who picked on Apple security, such as Dr. Charlie Miller. Then I *DING* figured out that they are an incredible benefit to Apple users because they search out every possible little buffer overflow or hacking channel that can compromise Apple gear. Now they’re my heroes.

      Symantec started the current onslaught of anti-Apple security FUD back in 2005. They predicted OS X was DOOMED to be deluged with malware as the baloney ‘Security Through Obscurity’ effect diminished. Of course, eight years later we discover that it never happened. Instead we have to contend with crap security from the likes of Adobe, Oracle and Microsoft, the current darlings of both the White Hat and Black Hat hackers.

      IOW: Discoveries of security flaws is a GOOD THING. The more they’re out in the open the less we have to worry about secret back doors bad guys can use to PWN us. A BAD THING would be if they were reported then nothing was done about them. That is not acceptable. 😕

  3. Apple has “back-door” for authorities, as recent leaks from authorities confirmed. It could be very weird sequence of pressing various buttons — as recently exposed and fixed by Apple — or jailbreaking process like this one described in the article.

    There could be many of such vulnerabilities. Authorities may only hope that researches will not find all of them or else Apple will not be able to “crack” protected iPhones/iPads even if authorities submit them to Apple after queue that lasts many months.

    Android devices have the same issue. Some of vulnerabilities are unforeseen by developers, and some are very sophisticated so that devices could be “cracked” by authorities in case of need.

    Those things I certainly do not like, but there is nothing that could be done with it.

    1. Apple has “back-door” for authorities, as recent leaks from authorities confirmed.

      NO. Actually the OPPOSITE has been proven by authorities. Did you miss this news?

      Apple’s iMessage encryption trips up feds’ surveillance
      Internal document from the Drug Enforcement

      Administration complains that messages sent with Apple’s encrypted chat service are “impossible to intercept,” even with a warrant.
      http://news.cnet.com/8301-13578_3-57577887-38/apples-imessage-encryption-trips-up-feds-surveillance/

      Everything I’ve ever read indicates that Apple’s encryption security is for real, much to the frustration of authorities. Maybe you’re thinking of Microsoft.

      1. iMessage is different issue; I talk about locked and encrypted iPhones/iPads for which Apple has queue for authorities, when they wait Apple to crack devices for them.

        Unfortunately, Apple does not stand for civil liberties in this aspect. As all of the others, too.

  4. Beagle board? Anybody else reminded of the positively ancient Apple ][ Software vendor Beagle Bros.? Miss them. Hope they’re not in the mini-PC fake wall charger business!

  5. There is nothing real-world or practical about this hack. What it is, is a demonstration of some hacking skill and creativity. It is much like the competition to build a vehicle that will go the longest with 100 ml of liquid fuel, where creative engineers build a contraption from Styrofoam, balsa wood an some tiny single-cylinder engine, demonstrating the concept of low-consumption design, but with no practical use.

    Nonetheless, I doubt not that Apple will plug the hole, just for PR reasons, if nothing else.

    1. ATM and credit card skimmers started off as larger, bulky proof-of-concept devices. Once they got the things working properly, they miniaturized it so it could be hidden almost in plain sight, and ripped off a lot of unsuspecting people.

    2. There is nothing real-world or practical about this hack.

      Yes there is. Using third party chargers out in the field is commonplace. Setting up one of these scam chargers for hacking your device is easy. I always bring my own charger with me. But a lot of innocent people do not. Check out the charging stations at airports. Some coffee houses have them, etc.

  6. First someone has to get their hands on my device, then plug it into one of these “chargers”, then transfer the virus to my device. How is this going to happen unless they steal my device? Not many devices will get infected and what good is it if I don’t have it any more?

  7. I choose a system that requires you to purchase a virus for $45 over one that requires you to purchase anti-virus software and subscriptions.

    And if you have to buy something that appears safe and bring it in your home, or otherwise accept it, to be affected by its malicious true intent, does that actually make it a Trojan?

  8. And this is only in “THEORY”, not reality. They don’t have such a device small enough to look like an iPhone charger with there gimmick inside it to fool anyone at present. What about Android devices, they obviously are more vulnerable as they have 99% of malware already attacking there devices. Good try to shoot down the safety of IOS but it lacks a lot of credibility in so many ways.

      1. Mmm you apparently don’t understand the business of hacking. (and/or perhaps business in general) It’s against the law, and so needs a high ROI (return on investment) It is also low yield (per “customer”), so the cost of acquisition has to be low very low, like under a dollar, waaaaay under.
        You think you can hack up a microcomputer in a USB charger for under a dollar?
        Attempting to “install somthing like that in a public charging port is even riskier, and if you are down to a physical level (with the huge risk that goes with that) you would be far far better off putting false fronts on gas pumps and ATM’s than attempting to physically hack into someones smart phone.

        1. Oh dear, you’ve insulted me to the core. I shall barf.

          Go look up Dr. Charlie Miller, whom I pointed out in my post, and follow his exploits over time. He does it for the love of it, as well as a way to establish his reputation in computer security. There’s a hacker for you.

          I’ve never met a true hacker who gives a rat’s about ROI. What are you going on about?

          As for using a $35 Raspberry Pi board as a faked charging station, QED. You apparently don’t understand the concept of ‘LUSER’. Many tech users have no idea what’s legitimate versus scam hardware or software. That’s why there are administrator accounts and client accounts. But perhaps you’ve never run across this foundational concept of computing. 😛

          1. Clueless and angry is no way to go through life.

            Of course malware is a business do you think they are stealing credit and Id just to do it,
            Hackers like Charlie Milner are also business a but a different type (“security” business) however they don’t write malware they only do “proofs of concept” for the promotion

            But yeah they all take money for what they do my naive little friend.

  9. Well, it is a very cool James Bond like hacking vulnerability but I don’t think this is a threat at all since it only exist as a proof of concept. Perhaps an attack like this was not really expected and there for not guarded against. Although I think it’s important that security researchers exist and do their job this is also a way to create problems where none exist especially when a neat solution is offered like a complete package to Apple. I mean, when a solution is offered at the same time as the problem is peresented the problem doesn’t really exist and it is only done for publicity or something. There is allot of things that can be done to things when you have physical access to them. Perhaps anti tampering technogy isn’t iPhones strong side.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.