Apple fixing bug that allows fake charging stations to hack iPhones

“Apple Inc’s next software update for its iPhones and iPads will fix a security flaw that allows hackers to engage in spying and cyber crimes when the victim connects the device to a fake charging station, the company said on Wednesday,” Jim Finkle reports for Reuters.

“Three computer scientists, who alerted Apple to the problem earlier this year, demonstrated the security vulnerability at the Black Hat hacking convention in Las Vegas on Wednesday where some 7,000 security professionals are learning about the latest threats posed by computer hacking,” Finkle reports. “Apple said the issue had been fixed in the latest beta of iOS 7, which has already been released to software developers. ‘We would like to thank the researchers for their valuable input,’ Apple spokesman Tom Neumayr said.”

Finkle reports, “The work was done by Billy Lau, a research scientist at the Georgia Institute of Technology, and graduate students Yeongjin Jang and Chengyu Song. In a demonstration at the hacking conference, they plugged an iPhone into a custom-built charger they equipped with a tiny Linux computer that was programmed to attack iOS devices. They said it cost about $45 to buy and a week to design… After Apple’s iOS 7 software update, a message will pop up to alert the user that they are connecting to a computer, not an ordinary charger.”

Read more in the full article here.

MacDailyNews Take: This is not something about which we’re even remotely concerned, but it’ll be nice to have the computer/charger warning nonetheless.

Related article:
Apple iOS devices vulnerable to attack when connected to tiny $45 PC shaped like a wall charger – June 4, 2013


  1. An as always. Allot older iOS devices are vulnerable but they will NOT receive a security update for their systems. Only the never versions. It is funny. Older iOS devices are surfing around the web with gigant holes in them because Apple won’t supply a patch.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.