Forum Statistics

Threads
27,576
Posts
541,653
Members
28,555
Latest Member
Kiddorism

Hacking iPhones with its charger

hoodlum

hoodlum

MuscleHead
Jan 3, 2012
903
172
I thought I would write this up to help open the eyes about how broad security threats are and that they can come in all shapes and sizes and users need to be ever-vigilant if they want to stay safe. This attack is current and if you have an iPhone then you are at risk. This is a new style of attack demostrated at Blackhat 2013 and was a driving force behind one of the security implementations in iOS 7. The researchers were able to inject malicious code which is completely invisible to the user and does not create an icon.

Abstract:
"The results were alarming: despite the plethora of defense mechanisms in iOS, we successfully injected arbitrary software into current-generation Apple devices running the latest iOS software. All users are affected, as our approach requires neither a jailbroken device nor user interaction."

The interesting thing is that the injected malware doesn't have root privileges because it is forced to run inside Apple's sandbox protection (the same as a user downloaded app such as Facebook) however it has a very unique characteristic as it is able to call private API's (like telephony) that are usually protected and this creates an even bigger problem than a user-installed malicious program normally would as they can get more creative and use some techniques which jailbroken users would normally use to disguise their actions. There was an attempt from Apple to patch some of the security flaws that this targets however they are easily bypassed.

MACTANS: Injecting Malware into iOS Devices via Malicious Chargers
Authors: Billy Lau, Yeongjin Jang and Chengyu Song
Presented at: Blackhat 2013
Direct Link: https://media.blackhat.com/us-13/US...nto-iOS-Devices-via-Malicious-Chargers-WP.pdf
 
F

Fury

MuscleHead
Jun 6, 2012
1,666
130
Jezz how things have changed.so hoodlum in other words carry and use your own charger is that safe to say.
 
Gstacker

Gstacker

MuscleHead
Aug 19, 2011
2,149
254
Is there like a charger condom you can slip over the part that goes in the ciggerette lighter plug so you don't get a virus lol...
 
Zomb131

Zomb131

MuscleHead
Jan 31, 2011
1,125
264
Always bring and use your own charger, always.

secondly, you can never trust a man if you can see his toes. FACT
 
hoodlum

hoodlum

MuscleHead
Jan 3, 2012
903
172
You mean like this Gstacker?

modem-condom.jpg
 
marx

marx

MuscleHead
Sep 29, 2010
4,671
626
Crazy stuff, hoodlum- Dangerous out there!
 
hoodlum

hoodlum

MuscleHead
Jan 3, 2012
903
172
Yeah marx it is and the best defence is to be aware. A funny fact is that the FBI is known for using malware to target it's victims however they've publicly stated that they don't employ this method against hackers as they will expose the methods and propose fixes - so the morale is that if your a hacker the government will spy on you less. I'll find the quote from the FBI when I'm at home. Also, I've failed to see that anyone's realised the true impact of this... Think that if those dodgy cheap home-brand chargers you can get for your car and at electronic shops are malicious then there could already be 100,000's of people infected.
 
Who is viewing this thread?

There are currently 0 members watching this topic

Top