X

iPhone can be hacked via fake charger, researchers say

A sneaky fake charger could be used to install dodgy software on iOS gadgets, hackers claim.

Luke Westaway Senior editor
Luke Westaway is a senior editor at CNET and writer/ presenter of Adventures in Tech, a thrilling gadget show produced in our London office. Luke's focus is on keeping you in the loop with a mix of video, features, expert opinion and analysis.
Luke Westaway
2 min read

Do you trust your iPhone charger? Or could it have been sneakily replaced by a cruelly-warped changeling cable, curled up like a plastic viper that's intent on poisoning your smart phone with hacked software?

That's the question asked by researchers from the Georgia Institute of Technology, who'll be showing off a concept malicious charger at the Black Hat 2013 hacker conference in July, Forbes spied.

The group claims to have found a way to bypass an iOS device's built-in defences "within one minute of being plugged into a malicious charger."

The hack apparently uses USB capabilities to break through Apple's protective software, which normally stops any old programs from being installed on your pricey tech. "All users are affected," the researchers note, "as our approach requires neither a jailbroken device nor user interaction."

A malicious attacker wielding one of these modified chargers could then hide their devious code using the same systems by which Apple hides its own apps, the researchers say.

A concept hack-charger has been built using a BeagleBoard, which is a single-board computer not unlike the Raspberry Pi. That's a lot chunkier than most iPhone chargers, but the group says its upcoming presentation will ask what ne'er-do-well digital rapscallions could achieve with more money.

The folks behind the crafty charger say they'll be recommending security features that Apple could use to make attacks of this nature significantly tougher to perform when they take the stage in two months' time.

Have you ever had a gadget hacked? Are you concerned about people stealing data from your devices, or not too worried? Let me know in the comments, or on our Facebook wall.