“Apple iPhones can be taken over with ‘alarming’ ease using a custom-built charger, security researchers warn,” BBC News reports.
“Using the bogus charger, a team from Georgia Institute of Technology managed to infect a phone with a virus in less than a minute,” The Beeb reports. “Any device using Apple’s iOS operating system would be as vulnerable to infection, claim the trio. More details of their work will be given at the upcoming Black Hat USA hacker conference.”
The Beeb reports, “The team created their malicious charger using a tiny bare-bones computer called a BeagleBoard that costs about £30 ($45). ‘This hardware was selected to demonstrate the ease with which innocent-looking, malicious USB chargers can be constructed,’ wrote the researchers in their conference summary… The presentation will also make recommendations about how Apple could close the vulnerability uncovered by the team.”
Read more in the full article here.
MacDailyNews Take: Interesting, but at 45-bucks a pop, and requiring the attacker to convince targets to use them, it’s hardly cost-effective for a widespread attack. If you hook just about anything up to a computer, whether it’s shaped like a wall charger or not, there likely will be the potential for security issues.
As always, Apple will correct whatever conduit this thing is using if it’s deemed necessary, which is ostensibly why these hacker conventions exist.
If this is the type of tortured, convoluted stuff that hackers are forced to come up with in order to get into an Apple device (having to shape a PC like something else and get users to plug their devices into them) iOS’ security will remain the gold standard for many years to come.
[Thanks to MacDailyNews Reader “Boris K” for the heads up.]
99.9% of new mobile malware targets Android phones – May 30, 2013
Mobile malware exploding, but only for Android – May 14, 2013
Mobile malware: Android is a bad apple – April 15, 2013
F-Secure: Android accounted for 96% of all mobile malware in Q4 2012 – March 7, 2013
New malware attacks Android phones, Windows PCs to eavesdrop, steal data; iPhone, Mac users unaffected – February 4, 2013
FBI issues warning over Android malware attacks – October 15, 2012
Researchers discover serious flaw in Android app security, say HTC and Samsung ignore issue – September 28, 2012
Apple’s iPhone has passed a key security threshold – August 13, 2012
Android permissions flaw allows eavesdropping, data theft, location tracking – December 2, 2011
Massive HTC Android security flaw leaves security expert speechless – October 2, 2011
Apple’s iOS unaffected by malware as Android exploits surge 76% – August 24, 2011
Android malware records phone calls; iPhone users unaffected – August 2, 2011
Symantec: Apple iOS offers ‘full protection,’ Google Android ‘little protection’ vs. malware attacks – June 29, 2011
Malware apps spoof Android Market to infect Android phones – June 21, 2011
Google forced to pull several malware-infested apps from Android market – June 8, 2011
Android malware sees explosive growth; even faster than with PCs – April 27, 2011
Virus-laden apps infest Google’s ‘open’ Android platform; iPhone unaffected – March 3, 2011
Security firm warns of new Android trojan that can steal personal information; iPhone unaffected – December 30, 2010
Trojan infects Android smartphones; iPhone unaffected – August 10, 2010
Millions of Android phone users slammed by malicious data theft app – July 29, 2010
Unlike proactive Apple, reactive Google doesn’t block malware from Android app store – June 4, 2010
Malware designed to steal bank information pops up in Google’s Android app store – January 11, 2010