Ever been at a conference and borrowed someone’s charger in a pinch? That might be the next way your iPhone gets hacked, according to researchers from Georgia Tech.
[aditude-amp id="flyingcarpet" targeting='{"env":"staging","page_type":"article","post_id":749765,"post_type":"story","post_chan":"none","tags":null,"ai":false,"category":"none","all_categories":"security,","session":"B"}']The group put together a charger that not only pumps up your battery, but also infects your iPhone with “arbitrary software,” as stated in a description of their Black Hat security conference panel. The description was first spotted by Forbes.
In it, Billy Lau, Yeongjin Jang, and Chengyu Song say they’ve been able to successfully transfer their own software into current-generation iPhones through the makeshift charger. “All users are affected,” according to the team, since the phone doesn’t have to be in any special condition (such as jailbroken or rooted). What the software can actually do once it’s on the phone is unknown, details have likely been held back for the panel itself.
AI Weekly
The must-read newsletter for AI and Big Data industry written by Khari Johnson, Kyle Wiggers, and Seth Colaner.
Included with VentureBeat Insider and VentureBeat VIP memberships.
It seems accepting a stranger’s charger at an event is gearing up to be like accepting a drink from a stranger at a party — not a good idea. Of course, there are currently some limitations. The group built its charger out of a BeagleBoard, which Forbes notes is too big to fit into Apple’s traditional charger hardware. The group says that its charger was built with a “limited amount of time and a small budget” and expects that those with more resources could make a more impressive or convincing charger.
The group says it tips for Apple on how to prevent an attack such as this one. We have contacted Apple and will update this post when we hear back.
iPhone charger image via Håkan Dahlström/Flickr
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn More