A security flaw in Apple's iOS 6 that could theoretically allow malware to be uploaded to iOS devices via a malicious power adapter will be patched in the next version of Apple's mobile operating system, Apple said Wednesday.
The hack, dubbed Mactrans by the three researchers from the Georgia Institute of Technology who, was demonstrated Wednesday at the Black Hat security conference in Las Vegas. The trio announced in June that they had developed a proof-of-concept that showed how a malicious iPhone charger lets them hack into the mobile device running the latest version of Apple's iOS in less than one minute -- no jailbreaking required.
An Apple representative told Reuters today that the vulnerability had been repaired in the latest iOS 7 beta, which is already in developers' hands.
"We would like to thank the researchers for their valuable input," Apple spokesman Tom Neumayr said.
The researchers' custom-built charger, which was built in about a week for about $45, contains a tiny Linux-based computer programmed to attack iOS devices, according to Wednesday's presentation by Billy Lau, the researcher who constructed the device. Malware uploaded to iOS devices could give access to passwords and sensitive financial information as well as communications and the device's location, Lau said.
"It can become a spying tool," Lau said.
Lau said the vulnerability doesn't affect Android devices because that operating system warns users when their device is plugged into a computer.
reading•Apple power adapter security flaw to be patched in iOS 7
Dec 15•The iMac Pro isn't for everyone (Apple Byte Extra Crunchy, Ep. 114)
Dec 15•The iMac Pro is here!
Dec 15•The iMac Pro isn’t for everyone (Apple Byte Extra Crunchy Podcast, Ep. 114)
Dec 14•Apple Maps hopes to keep you from getting lost at the airport