Researchers to demo iPhone hack via 30-pin dock cable

Summary:A new iPhone vulnerability targets the 30-pin dock connector found on all iPhones and iPads sold before the iPhone 5 was announced in September 2012.

New exploit attacks iPhone via 30-pin charging cable - Jason O'Grady

Researchers from Georgia Tech have uncovered a way to hack into an iPhone or iPad in less than a minute using a "malicious charger." The group plans to present its findings at the Black Hat conference in Las Vegas on July 27, 2013. 

Billy Lau, Yeongjin Jang and Chengyu Song are presenting a session is called "Mactans: Injecting Malware Into iOS Devices Via Malicious Chargers" at the popular security conference next month. The name "Mactans" comes from Latrodectus Mactans, the  highly venomous (and deadly) black widow spider.

According to the synopsis on the Black Hat website, the Mactans session will describe how USB capabilities can be leveraged to bypass Apple's defense mechanisms built into the iPhone.

To demonstrate practical application of these vulnerabilities, we built a proof of concept malicious charger, called Mactans, using a BeagleBoard. This hardware was selected to demonstrate the ease with which innocent-looking, malicious USB chargers can be constructed. 

A BeagleBoard is a low-power open-source hardware single-board computer produced by Texas Instruments in association with Digi-Key.

Perhaps the most amazing aspect of the exploit is that it doesn't require the device to be jailbroken and it can be performed in under a minute according to the team. It also doesn't require a physical access to the device, except for the charger that is. While it would be unusual for dock cables to be left out in public (the things cost almost $20 each), a restaurant or coffee shop could leave some charging cables out for patrons to use (although I've only seen this a couple of times).

I suppose a malicious individual could carry a hacked cable and wait for people to ask to borrow it, but this is a long shot at best. And besides, a dock cable connected to a BeagleBoard would look suspicious to anyone borrowing a cable from a stranger. Details on the hack are slim ahead of the conference but the researchers suggest that someone with more resources could be much more malicious:

While Mactans was built with [a] limited amount of time and a small budget, we also briefly consider what more motivated, well-funded adversaries could accomplish.

Besides setting up a fake "charging station" in a public place, one use case could be a dock cable connected to a "battery" with a BeagleBoard hidden inside. I guess the moral of the story is not to be promiscuous with your iPhone and iPad charging, at least until the details of the hack are released next month. 

Topics: Apple, iOS, iPad, iPhone, Security

About

Jason D. O'Grady developed an affinity for Apple computers after using the original Lisa, and this affinity turned into a bona-fide obsession when he got the original 128 KB Macintosh in 1984. He started writing one of the first Web sites about Apple (O'Grady's PowerPage) in 1995 and is considered to be one of the fathers of blogging.... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.