Researchers reveal how to hack an iPhone in 60 seconds

Researchers reveal how to hack an iPhone in 60 seconds

Summary: Three Georgia Tech hackers have disclosed how to hack iPhones and iPads with malware in under sixty seconds using a "malicious charger." UPDATED.

SHARE:
TOPICS: Security, Apple, iOS, iPhone, iPad
146

Three Georgia Tech hackers have revealed how to hack iPhones and iPads with malware imitating ordinary apps in under sixty seconds using a "malicious charger."

Today at a Black Hat USA 2013 press conference, the researchers revealed for the first time exactly how the USB charger they built can compromise iOS devices in less than a minute.

Mactans

Billy Lau, Yeongjin Jang and Chengyu Song showed how they made an ordinary looking charger into a malicious vector for transmitting malware using an open source BeagleBoard, available for $125 (similar to a Raspberry Pi).

For the demonstration, the researchers used an iPhone. They plugged in the phone, and when the passcode was entered, the sign-code attack began.

For the demo, the Facebook app was used as an example.

Within seconds of plugging in the charger, the Facebook app was invisibly removed from the device and seamlessly replaced with a Facebook app imitation with a malicious payload.

The app's icon was in the exact same spot as it was before the attack - there is no way of knowing the application is not malware.

The researchers said that all the user needs to do to start the attack is enter their passcode - they pointed out that this is a pattern of ordinary use, such as to check a message while the phone is charging.

Once the app was launched, the malware was launched and the phone was compromised - and could do things such as take screenshots when other passwords are entered, send a spoofed screen, and more.

In this manner, depending on what payload the attacker has put on the fake app, sensitive data could be accessed and compromised in a variety of ways.

The researchers found malicious ways to call and use the private API; the attack works on physical weaknesses, and operates on all versions of iOS, stock (up to the beta developer version of 7, which is the only version that Apple has patched).

The operating system used for the attack is Linux, and the researchers acknowledged that someone could easily use a Raspberry Pi instead of a BeagleBoard.

No root permission is accessed for the attack.

The targeted iOS device does not need to be jailbroken in order for the attack to be successful. It only needs to be plugged in to the innocuous seeming, but poisoned, iOS charger.

The Mactans charger is no longer a charger, but its own little computer - running custom software that immediately cracks and infects any attached Apple gadget; Mactans can install software unknown to the user.

Details of the vulnerability, something the researchers held back on disclosing until now, will be described in more deatil in researchers' Black Hat talk today, "Mactans: Injecting Malware Into iOS Devices Via Malicious Chargers."

The researchers disclosed the attack and vulnerability to Apple, but it appears that Apple hasn’t addressed or fixed the issue for versions prior to 7 (beta, developer release) - the hackers had previously stated they refused to reveal details until their Black Hat presentation.

The venomous iOS charger is called "Mactans" - Latin name for the virulent and pernicious Black Widow spider.

The researchers explained,

Mactans was built with [a] limited amount of time and a small budget, we also briefly consider what more motivated, well-funded adversaries could accomplish.

The researchers contacted Apple - and Apple has patched iOS 7 to prevent the attack. Currently, all other versions are vulnerable.

Needless to say, iPhone, iPad and other iOS device users will want to be sure not to leave their chargers laying around - or use any "community" chargers from here on out.

Mactans

 

Mactans: Injecting Malware into iOS Devices via Malicious Chargers will be presented today, July 30, in room Augustus 3/4 at 5:00 pm.

UPDATE Wednesday July 1, 8:50 pm: In a late evening announcement Apple stated it will be fixing the vulnerability in the Fall release of its iOS 7 update. Apple has not specified a date for the fix. This means devices are vulnerable to the attack until the release, as are all previous versions of the OS. The issue has only been fixed in the beta version of 7, released to developers.

Topics: Security, Apple, iOS, iPhone, iPad

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

146 comments
Log in or register to join the discussion
  • The problem is 3rd-party chargers.

    Compared to what happened to a Chinese flight attendant, a hacked phone is nothing. On the upside, if past trends hold 95% of iOS users will be on iOS 7 within weeks of it's release. So, in the meantime don't use a 3rd party charger.
    matthew_maurice
    • iphones are intrinsically unsafe

      This is the third ,major beech within IOS Eco system under one year.

      A week back it was the developer portion of IOs.

      And nine months ago it was the amazon link and the lack of proper safeguards in authentication.

      This does not cover the way apps trap users into losing their money.
      Uralbas
      • IOS Compromise

        And Windows has no vulnerabilities. Listen, I get you don't like the devices - then why are you following the iPhone and why do you simply NOT use the device and keep your comments to yourself? Nobody really cares what you think.
        tstemarie
        • Oh the irony....

          Third party devices harm Apple users and you gripe! How funny everything else only requires you connect on the internet and your compromised. You are a funny troll!
          partman1969@...
        • Criticism can be a good thing

          "Listen, I get you don't like the devices - then why are you following the iPhone and why do you simply NOT use the device and keep your comments to yourself? Nobody really cares what you think."

          Well you obviously care what he thinks, otherwise you wouldn't have (hypocritically) criticised him for criticising Apple.
          Regarding the suggestion that you should generally "keep your comments to yourself", I think this is a terrible idea. We didn't get where we are today by doing that.
          exolon
        • comment for tstemarie

          Because it is very important to inform people when there's a problem, whether it be an iOS, Android, Windows problem. No operating system is perfect, including iOS
          Note Lover
          • shhhhh!!!!

            We like to let the Fanboys/Lemmings keep thinking it IS perfect.. Don't let them find out!
            nbjeter3
          • Hear, hear!

            "No operating system is perfect", indeed. Very true. And sadly, certain companies are still telling their customers there are no known malware incidents on their OS. (Apple's not immune to arrogance, folks. And Microsoft's arrogance knows no bounds, for there are vulnerabilities in Windows that they've known about for years now, but they're not fixing them.) Linux is quicker to correct security, and that's certain.
            Raymond Danner
        • Hey Drone

          Gee, no one is talking about Windows...We ALL know Windows has a LOT of vulnerabilities, so quit worshipping the Cult of Apple and start focusing on reality, for a change!
          ing.chatboy@...
          • So when something goes wrong with your i-whatever

            Using your own (apparent) logic, when some flaw shows up in Apple's devices or software, we should first gripe about Windows, and everything that's ever been wrong with it, before daring to comment on the Apple god's alleged vulnerability?

            This is all planted propaganda anyway; we all know Apple is infallible, and the real problem with iphones or ipads is that Windows exists. So any alleged weaknesses or flaws are due to Windows, not Apple, even if it's on an Apple device.

            There! Now you should be able to sleep.
            garyleroy@...
          • Really your commentary is valid however...

            aren't you the least bit amused by how many iHaters populate the commentary following any Apple article. Hell, I think toddbottom may just burst himself if Apple really ever suffers a serious exploit.
            partman1969@...
        • sad?

          Are you sad, your beloved high priced Apple products are equal to a turd?
          Wall.iPhone4
          • Speaking of high priced turds

            Did you hear about the Samsung Galaxy 4 that overheated and set fire to a dude's apartment in Japan? Whoops! I see the ihate is strong within you.
            athynz
          • Oh

            That really happened, just like the magical exploding Galaxy S3, iSheep.
            jamz2277
          • High priced

            Since the same thing applies to windows products albeit cheap-er then it stands to reason that they too are barely equal to a good turd also. Now, aren't you sad? Such a shame there can't be intelligent commentary here. Your inane comments have really accomplished something constructive here - NOT!
            FedUps*
        • Windows?

          This article is about iOS, not Windows silly person.
          michael@...
        • Ya, the irony is almost a little too much.

          I personally have no issue with Apple itself. Still use my faithful iPod Classic 80GB and until recently I used an iPhone 3Gs which also was a great device.

          But its enough to make Windows users do a full on "spit take" when you here, or see in this case, an Apple enthusiast write in the same kinds of terms and feelings Windows users have for years in response to Apple users complaints about Windows.

          Why this kind of example dosnt just get some jackarses around here to just lay off the FUD about other products just a little bit, I just don't know. None of these things we speak about around here, either hardware based or software based is flawless gold.

          Almost all the garbage most people talk about in terms of how godawful other products are is nothing more than ridiculously biased personal opinion based on personal preference to start with. That far from makes a product millions of others use and love a piece of junk.

          Its ridiculous. Many many Windows users spoke regularly of the day that may come when Apple users would have to make the very same kinds of defencive statements about one Apple product or another in the future and those Apple users just laughed in the face of Windows users. Now here we are.

          And what do Apple enthusiasts now have to say? Mostly they tell the now jackarse Windows users who dare to point out the similar kinds of flaws and issues Apple products are falling into to "buzz off and get lost" much the same way Windows users had to speak to Apple complainers about Windows in the past.

          Round round round we go. And of course nobody wants to just let it go. Ha! Let it go... well forget that, nobody hardly seems interested in even speaking reasonably and realistically about it.

          What a bunch of reasonable intelligent sounding bunch of individuals these message boards would seem to be populated with if people decided to speak in reasoned, measured rational terms about all products instead of so many insisting that the products that don't appeal to them were created by Satan.

          Its like the only time anyone recognizes when someone sounds like a lunatic is when they are reading some comment they don't like about a product they themselves do like.
          cayblex1
          • Excelent comment.....

            One of the more intelligent comments posted....so many in their respective OS camp hates all of the other OS's....we get it.....
            alambertus
          • Egotist Apple users embarass themselves

            It's amazing how the Apple community is so righteous and egotistic...kind of like liberals and far left Democrats. Blinded to everything except their own warped beliefs. All platforms have their faults, Android, Windows, and yes Apple too. There will never be a perfect and complete device. If mine does what I need it to do without crashing and making errors, I am happy regardless of what it is. But an arrogant CEO or company philosophy will chase me away from their products no matter how good they are.
            rollguy
          • How sad

            A well written informative article that should interest any IT person. Spoiled by the childlike ranting and ravings of fan boys and haters alike. Is this a kindergarten? It certainly sounds like it judging by the number of irrelevant righteous and egotistic commentary, which in most cases misses the point of the article.
            @cayblex1 I have some difficulty in finding comments from the “reasonable intelligent sounding individuals on these message boards” but luckily there are some far and few in between. I often get the feeling that I would expect more from the IT community. It also makes me wonder if I really want to entrust my IT infrastructure to individuals that appear to be incapable of seeing that all IT platforms have their faults and strength, Android, Windows, and Apple too. There is a lack of constructive sharing commentary and that is what I find sad.
            Gudufl