It’s not just apps from app stores which can infect your phone these days, a bunch of Georgia Tech hackers at the Black Hat US conference have revealed that the just the act using your phone while it’s charging from an unknown charger can let hackers in. While the iPhone is considered to be quite a secure device, their technique showed how easy it is infect your phone by plugging it in.
They used BeagleBoard to create a malicious charger, which they call the Mactan. When an iPhone user connects their phone to a Mactan ‘charger’, they run the risk of having their phone compromised. In the demo which they performed when the user unlocks the phone while it’s on charge, the Mactan replaced the Facebook app on the phone with a fake version which had a malicious payload.
The hacker stated that the payload could contain malicious code which takes the screenshots when passwords are entered, send data from the phone to a remote server, and much more! If you’ve not jail-broken your phone, it doesn’t matter – this exploit can still work on your device, and did I mention that all this takes under 60 seconds? Scary Stuff!
Luckily it looks like Apple will be rolling in a patch for this in iOS 7 which is due to be released shortly. Till then stay safe and don’t charge from unknown charging stations, who know what’s lurking behind those wires. We leave you with a parting thought from the makers of Mactan – “While Mactans was built with limited amount of time and a small budget, we also briefly consider what more motivated, well-funded adversaries could accomplish.”