A security team at Georgia Tech has found a way to “upload arbitrary” code to any iOS device without user interaction. This is done by using a modified USB charger, one that a victim would think is completely normal. However, the research is “not clear if the charger is able to upload malicious code.”
If it does become possible to use this modified USB charger in a malicious way, then there is a serious problem. Public, communal charging stations have been popping up all over the world with most of them including USB ports. This has become very common in airports and could raise a huge potential threat. If these USB charging stations become compromised, will we have countless people infecting their phones without any knowledge. They could think they’re completely safe and secure on their iPhone with all wireless technologies turned off, but they’re not. The common user wouldn’t think it to be possible for a USB charging station to compromise a device, but the research shows that it very well could.
The obvious solution to this is to carry your own USB charger, or charge your device with a computer or external battery. Just be sure to not let anyone play, tweak, or hack your hardware, otherwise you could end up with a compromised device.
SOURCE: OODA Loop
Latest posts by The Security Awareness Company (see all)
- NCSAM Launch Pad - September 12, 2017
- The Summer of Security - June 13, 2017
- How can YOU Help Build our 2017 & 2018 Development Roadmaps? - June 1, 2017