It appears that electrocution isn’t the only cause for worry when using an unofficial iPhone charger. Earlier this week, at the Black Hat cyber security conference in Las Vegas, researchers used a hacked iPhone 5 charger to break into the popular handset.

iPhone-charger

Researchers at the Black Hat cybersecurity conference in Las Vegas proved how a modified charger could implant software allowing fraudsters to access information, make calls and buy apps, all without the user’s knowledge.

Once installed, the iPhone owner can even continue using the device without knowing that the trojan is going about its sinister business.

Research scientist Billy Lau and Ph.D. student YeongJin Jang of the Georgia Tech Information Security Center showed off their hacked charger in a demonstration for CBSNews.com. They called their device Mactans and although this is large plastic box, the researchers say that the technology could be easily made to resemble a standard Apple charger.

“[The virus is] capable of taking screenshots, simulating button touches, and sending data to a remote server. The charger carefully deletes the user’s legitimate Facebook app and reinstalls the infected version, even placing it in the same location on the user’s screen,” said Forbes.

One researcher pointed out that the hack only works with iOS devices – at the moment, Android-powered gadgets are safe from charger spoofing.

Lau continued: “After Apple’s iOS 7 software update, a message will pop up to alert the user that they are connecting to a computer, not an ordinary charger.”

As far as real-world applications are concerned, the bugged chargers could allow criminals to take screen shots of login and payment information – including passwords and credit card numbers. Access to email and text messages would compromise a user’s privacy, and location-tracking tools would make a potential target easy to find.

Until the update goes public, iPhone owners may want to avoid juicing up their handsets with suspicious-looking chargers.

source

2 COMMENTS

Comments are closed.