During the next edition of Black Hat USA will show a method to crack an iPhone (or other iOS terminal) using a modified USB charger. Once you connect the phone to the charger, the process does not need to jailbreak or user interaction.
Billy Lau, a researcher at the Georgia Institute of Technology, and Yeongjing Jang Song Chengyu, students of this institution, will present at the next edition of Black Hat USA, to be held between 27 July and 1 August, a method to crack an iPhone or any other iOS device using a special charger. So far have not explained how they do it, but make sure that it works on all phones, media players and tablets that use Apple’s mobile operating system.
All that is known is that for their experiment used a Beagle Board an ‘open computer’ like Raspberry Pi developed by Texas Instruments. With this hardware, which costs about $ 45, they created what they called Mactans, malicious charger. Model was chosen to demonstrate that it is simple and inexpensive to build one of these chargers.
Apple iOS devices are considered by many to be safer than other mobile offerings. To test this belief we investigate to what extent are considered security threats to carry out daily activities such as carrying a device.
The results of this research were “alarming” because, “despite the plethora of defense mechanisms in iOS” managed “inject arbitrary software” in Apple devices belonging to the present generation and the latest version of the operating system. Moreover, affected all terminals with which it was tested and it is not necessary jailbreak or user interaction.
His presentation at Black Hat USA show you how to crack an iPhone after spending just one minute connected to the charger malicious. Once installed, the software is able to hide in the same way as do the applications developed by Apple. Also, make a review of the security mechanisms of the company and explain how you can avoid using the USB port. They will also give their users safety recommendations and the company itself.
On the other hand, take the opportunity to warn of the danger that an attacker may have greater motivation and more money to spend. Mactans has a considerable size, so it would be somewhat more complicated trick users more knowledgeable about safety. That is, in its current form could not be hidden in the adapter that Apple sells, but there are ways to convince a user to connect your iOS device if you do not see from where the cable.
Researchers have advised the Company of this bug, but have not yet received a response from Cupertino, according to Forbes clarified. In any case, have not shared details about his research (and it seems that they will do to your presentation) not to give clues and give Apple time to react.