Forbes reports on a proof-of-concept allowing an innocent-looking charger to inject malware into a non-jailbroken iPhone without user intervention.
At the upcoming Black Hat security conference in late July, three researchers at the Georgia Institute of Technology plan to show off a proof-of-concept charger that they say can be used to invisibly install malware on a device running the latest version of Apple’s iOS …
The researchers write that their attack can compromise an iOS device running the most recent version of Apple’s mobile operating system in less than a minute …
It’s not the first time a charger has been used as an attack method for a phone, but it’s believed to be the first example of a successful automated hack of a non-jailbroken iPhone.
It’s so far a pretty theoretical risk. The current hardware they are using wouldn’t fit into a standard iPhone charger, but it does show one weakness of the now-ubiquitous combined charging and data port found in all of today’s phones and tablets, and a potential risk of taking advantage of the chargers sometimes made available in airports and coffee shops – especially if you can’t see the wall unit.
The researchers have shared their methods with Apple, so it’s likely that the method will be blocked in a future iOS update.