iTnews
  • Home
  • News
  • Technology
  • Security

Charger can wipe iPhones, install malware

By Danielle Walker on Aug 2, 2013 7:00AM
Charger can wipe iPhones, install malware

Apple plans iOS 7 fix.

A craftily built malicious charger can launch trojans on iPhones, steal data, install and remove apps, and execute factory resets.

The proof-of-concept charger dubbed Mactans was demonstrated at the Black Hat  conference in Las Vegas this week by Georgia Tech researchers Billy Lau, Chengyu Song and Yeongjin Jang.

The researchers used a 3-by-3 inch open-source  BeagleBoard to construct the charger that gave them escalated privileges in iOS by creating a “provisioning profile,” a file that permits applications in development to be installed on an iOS device.

The exploit took advantage of Apple's lax protocols for authorising provisioning profiles to developers, the researchers said.

It required only that an Apple user's unique UDID number – which they could obtain easily via a USB connection – be supplied to register a provisioning profile.

Once registered, they were free to install a hidden malicious app without a user's consent or knowledge.

The exploit did not require the phone to be jailbroken, they added.

In their demonstration, the researchers installed a spurious Facebook app which looked exactly like the users' legitimate version.

On the same day as the talk, Apple said it would address the issue in an iOS software update planned for the fall, according to Reuters.

This article originally appeared at scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
appleblack hatblack hat 2013georgia tech universityiphonemalwaremobilesresearchsecurity

Partner Content

Avoiding CAPEX by making on-premise IT more cloud-like
Promoted Content Avoiding CAPEX by making on-premise IT more cloud-like
Why Genworth Australia embraced low-code software development
Promoted Content Why Genworth Australia embraced low-code software development
How to turn digital complexity into competitive advantage
Promoted Content How to turn digital complexity into competitive advantage
Security: Understanding the fundamentals of governance, risk & compliance
Promoted Content Security: Understanding the fundamentals of governance, risk & compliance

Sponsored Whitepapers

Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership

Events

  • Micro Focus Information Management & Governance (IM&G) Forum 2022
  • CRN Channel Meets: CyberSecurity Live Event
  • IoT Insights: Secure By Design for manufacturing
  • Cyber Security for Government Summit
By Danielle Walker
Aug 2 2013
7:00AM
0 Comments

Related Articles

  • Apple's "Find My" feature created attack vector, researchers say
  • Researchers devise stealthy phone tracking without fake base stations
  • Apple appeals against security research firm Corellium
  • Westpac to introduce 'Tap-on-Phone' software to merchants
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Qantas calls time on IBM, Fujitsu in tech modernisation

Qantas calls time on IBM, Fujitsu in tech modernisation

Service NSW hits digital services goal two years early

Service NSW hits digital services goal two years early

NBN Co taking orders for 'non-premises' connections

NBN Co taking orders for 'non-premises' connections

Australian scientists build world's first quantum computer IC

Australian scientists build world's first quantum computer IC

Digital Nation

Integrity, ethics and board decisions in the digital age
Integrity, ethics and board decisions in the digital age
Crypto experts optimistic about future of Bitcoin: Block
Crypto experts optimistic about future of Bitcoin: Block
COVER STORY: Operationalising net zero through the power of IoT
COVER STORY: Operationalising net zero through the power of IoT
IBM global chief data officer on the rise of the number crunchers
IBM global chief data officer on the rise of the number crunchers
The security threat of quantum computing
The security threat of quantum computing
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.