Black Hat: Researchers demo charger capable of malicious app installs on iPhone

Share this article:
Apple will now include a fix for the issue in an iOS 7 update planned for the fall.
Apple will now include a fix for the issue in an iOS 7 update planned for the fall.

Researchers demonstrated Wednesday how a craftily built malicious charger for iPhones can trick users into launching a "trojanized" application the looks just like popular apps already on their phones.

Georgia Tech researchers Billy Lau, Chengyu Song and Yeongjin Jang demonstrated for Black Hat conference attendees how their proof-of-concept charger, nicknamed Mactans, could steal phone data like UDID numbers, install and remove apps, or cause a firmware (or factory) reset.

At the session, “Mactans: Injecting Malware into iOS Devices Via Malicious Chargers,” the researchers used a 3-by-3 inch BeagleBoard, which is open-source hardware, to construct the charger that gave them escalated privileges in iOS by creating a “provisioning profile,” a file that permits applications in development to be installed on an iOS device.

According to the presenters, the exploit takes advantage of Apple's lax protocols for authorizing provisioning profiles to developers.

The researchers found that they only needed an Apple user's unique UDID number – which they could obtain easily via a USB connection – to register a provisioning profile. With the profile, they were free to install a hidden malicious app without a user's consent or knowledge.

The exploit doesn't require the phone to be jailbroken, they added.

In their demonstration, the researchers installed a spurious Facebook app which looked exactly like the users' legitimate version.

On the same day as the talk, Apple said it would address the issue in an iOS software update planned for the fall, according to Reuters.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Hackers grab email addresses of CurrentC pilot participants

Hackers grab email addresses of CurrentC pilot participants

Although the hack didn't breach the mobile payment app itself, consumer confidence may be shaken.

Operators disable firewall features to increase network performance, survey finds

Operators disable firewall features to increase network performance, ...

McAfee found that 60 percent of 504 surveyed IT professionals prioritize security as the primary driver of network design.

PCI publishes guidance on security awareness programs

PCI publishes guidance on security awareness programs

The guidance, developed by a PCI Special Interest Group, will help merchants educate staff on protecting cardholder data.