A security team at Georgia Tech has found a way to “upload arbitrary” code to any iOS device without user interaction. This is done by using a modified USB charger, one that a victim would think is completely normal. However, the research is “not clear if the charger is able to upload malicious code.”

If it does become possible to use this modified USB charger in a malicious way, then there is a serious problem. Public, communal charging stations have been popping up all over the world with most of them including USB ports. This has become very common in airports and could raise a huge potential threat. If these USB charging stations become compromised, will we have countless people infecting their phones without any knowledge. They could think they’re completely safe and secure on their iPhone with all wireless technologies turned off, but they’re not. The common user wouldn’t think it to be possible for a USB charging station to compromise a device, but the research shows that it very well could.

The obvious solution to this is to carry your own USB charger, or charge your device with a computer or external battery. Just be sure to not let anyone play, tweak, or hack your hardware, otherwise you could end up with a compromised device.

 

SOURCE: OODA Loop

The Security Awareness Company

With over 25 years of industry experience, we serve both small & large organizations to create successful security awareness and compliance programs on an international scale. Our team is a strong, creative powerhouse with a passionate vision and we consistently produce on-trend end-user training materials of the highest caliber.

Latest posts by The Security Awareness Company (see all)