It’s generally accepted that iOS powered devices are amongst the most secure devices that are currently available in the consumer mobile market. This isn’t to say that Apple has built an impenetrable device that isn’t susceptible to any kind of attack, but it has been proven time and time again that hardware running Android and other available operating systems are an easier nut to crack for more malicious minded amongst us.
That thought process generally has some merit, but it’s worth considering applying a little more caution when plugging your iOS device into an alien charger, as a team of security researchers have managed to produce a malware based charging device that compromises the iOS hardware within one minute of being plugged in.
The findings from the research team involved is set to be presented to the wider public during the Black Hat security conference that is being held in the United States toward the end of July. The security researchers will not only present their findings during the Las Vegas based conference, but also discuss the processes involved in producing the charger and discuss the reasons why they undertook the project.
The initial theory for this particular project seems to come from attempting to understand how in-depth Apple has been with their on-device security when it comes to performing day-to-day activities. Almost every single iPhone or iPod touch user will charge their device on a regular daily basis, so it seemed to make perfect sense to investigate the potential for compromising the phone through the charging mechanisms. Designing and building the modified charger allowed the team to inject arbitrary software into all current-generation devices that were all running the latest version of iOS.
The charger itself has been given the name “Mactans” and has been developed using a BeagleBoard (a low-power open-sourced piece of hardware), chosen purely to show the relative ease involved in building an official looking charger that can contain a rather nasty surprise. Although it’s rather concerning to know that a device of this nature could exist, what’s more concerning is that it doesn’t require any user interaction from the user, and the device doesn’t need to be jailbroken. The Black Hat discussion on the matter should be extremely interesting, but going forward, it would be advisable to think twice about how you charge that precious iOS device of yours.