Following a Black Hat demonstration on Wednesday in which researchers plugged an iPhone into a malicious charger programmed to attack iOS devices, an Apple spokesman told Reuters that the next software update will fix the bug that enables the hack.
Apple’s iPhones and iPads will be vulnerable until they get the iOS 7 update, which is scheduled for release later this year.
A spokesman told Reuters that the issue has already been fixed in the latest beta of iOS 7, which has been released to software developers.
The attack employs a malicious USB charger dubbed “Mactans” that was first publicized in June.
Mactans is a simple device: a custom-built charger equipped with a tiny Linux computer that’s programmed to compromise iOS devices.
It attacks devices within a minute of connecting, needing neither jailbreaking nor input from the phone’s user to succeed.
Its creators say it cost about $45 to buy and took about a week to design.
The successful attack leads to a persistent infection of software that’s invisible to a phone’s user, relying as it does on the built-in concealment techniques that Apple itself has put in place to hide some of its own apps.
Mactans, which was created by researchers from the Georgia Institute of Technology, was demonstrated at Black Hat by research scientist Billy Lau, along with graduate students Yeongjin Jang and Chengyu Song.
During their presentation, the researchers succeeded in infecting an iPhone with malware designed to dial one of the researcher’s phones – an assignment it carried out successfully.
The flaw that allows the hack could be exploited in the wild to enable attackers to remotely hijack a device and turn it into a spying tool, the researchers said.
With control of an iOS device, an attacker could, for example, get the phone to snap screenshots of banking logins and passwords and credit card numbers; could access email, texts and contact information; or could track a phone owner’s geolocation, Lau said.
Lau said that Android devices don’t suffer from the same vulnerability given that they warn users when they plug into a computer, even if it’s a tiny computer pretending to be a charging station.
After Apple’s iOS 7 update, a similar warning message will pop up to alert iOS users that they’re connecting to a computer, as opposed to an ordinary charger, Lau said.
Until then, make sure you practice safe powering.
It’s not that Mactans presents a grave risk of contracting malware, mind you.
As Peter Bright at Ars Technica describes it, this attack has some serious limitations (Mr. Bright, by the way, does a good job at describing the technical aspects of the USB idiosyncrasies that concern this attack, so do read his piece if that appeals).
A successful Mactans attack requires that the phone’s screen be unlocked, for one thing.
It also requires the attacker to have a valid developer account, and each developer account is limited to generating the required provisioning profiles for 100 different phones.
That means that such an attack would have to be targeted, as opposed to being widespread and indiscriminate.
It could be done, but it sounds like it would be rather esoteric and James Bond-ish.
But, at least as far as an attack like Mactans goes, it’s likely only going to happen in research situations or in Hollywood scripts at this point in time.Follow @NakedSecurity