/article-new/2013/07/iphone_charger_china-250x250.jpg?lossy)
Earlier this year, a trio of computer scientists discovered a flaw in iOS 6 that would theoretically allow an iPhone or an iPad to be hacked using a "malicious USB charger."
The researchers demonstrated the hack at the Black Hat Convention in Las Vegas today, showing off a custom built charger that was plugged into an iPhone. The charger, which took a week to design and cost just $45 in components, contained a small Linux computer programmed to launch an attack on iOS devices.
In this presentation, we demonstrate how an iOS device can be compromised within one minute of being plugged into a malicious charger. We first examine Apple’s existing security mechanisms to protect against arbitrary software installation, then describe how USB capabilities can be leveraged to bypass these defense mechanisms. To ensure persistence of the resulting infection, we show how an attacker can hide their software in the same way Apple hides its own built-in applications.
According to a report from Reuters, the security flaw that could allow a fake charging station to potentially hack an iOS device has already been repaired in iOS 7.
Apple said the issue had been fixed in the latest beta of iOS 7, which has already been released to software developers.
"We would like to thank the researchers for their valuable input," Apple spokesman Tom Neumayr said.
During the convention, the researchers successfully used the device they had constructed to hack into an iPhone, programming it to dial another phone. The group, worried that criminals might use the hack in malicious ways, publicized the issue in the spirit of "white hat" hacking.
iOS 7, which is already in the hands of developers, is expected to be released to the general public this fall. Along with a fix for the charger hack, it also includes a number of new features like an overhauled Notification Center, a new Control Center, and a complete redesign. Apple continues to regularly release beta updates for the operating system, adding additional minor performance boosts and changes ahead of its official release.
Top Rated Comments
(View all)I'm curious to see a picture of this malicious charger.
Still, not enough to make me upgrade to iOS 7. Nice try Apple
Yup people at Apple are really tying hard to get you back son.
.....Apple said the issue had been fixed in the latest beta of iOS 7, which has already been released to software developers.
"We would like to thank the researchers for their valuable input," Apple spokesman Tom Neumayr said.
Article Link: iOS 7 Beta 4 Contains Fix For Malicious Charger Hack (https://www.macrumors.com/2013/07/31/ios-7-beta-4-contains-fix-for-malicious-charger-hack/)
APPLE took that really well, for a change. They haven't always been so gracious in the past.
APPLE took that really well, for a change. They haven't always been so gracious in the past.
Perhaps the lack of blackmail was a factor.
----------
I'm glad there's a fix coming, but I always use Apple branded chargers. :cool:
After this and the news of Chinese chargers possibly electrocuting people, I wouldn't be surprised if people thought twice before buying that $2-$5 charger on amazon.