For this year's upcoming Black Hat conference, the abstract for one talk in particular has caught people's eyes. In it, researchers say they will demonstrate an innocuous-looking public charging station that can seize control of your iOS device.

Andy Greenberg at Forbes first drew our attention to the upcoming presentation titled "Mactans: Injecting Malware Into iOS Device Via Malicious Chargers." Authors Billy Lau, Yeongjin Jang, and Chengyu Song write that their malicious charger—dubbed "Mactans"—is built off a BeagleBoard, a three-inch-square single-board computer from Texas Instruments. This wouldn't fit in the tiny AC adapter provided by Apple, but the researchers write that their prototype was made with a "limited amount of time and a small budget." They also suggest that a more dedicated attacker could do even better.

"We investigated the extent to which security threats were considered when performing everyday activities such as charging a device," write the researchers. "The results were alarming: despite the plethora of defense mechanisms in iOS, we successfully injected arbitrary software into current-generation Apple devices running the latest operating system (OS) software."

The attack reportedly affects all iOS users, does not require the victim to have a jailbroken device, and can be run in under a minute. In addition to describing how to bypass Apple's built-in security, the researchers write that they've also mapped out a means to facilitate an ongoing malware infection. "To ensure persistence of the resulting infection, we show how an attacker can hide their software in the same way Apple hides its own built-in applications," said the researchers.

Sneaking In With the Electrons

This isn’t the first time that public charging stations have been singled out as a possible danger. Krebs on Security noted that Aries Security set up a public charging station at DefCon 2011 with a similar aim. When no phones were connected, it displayed an inviting blue sign. Once someone plugged in their phone, it switched to a bright red warning.

The Aries Security charging station was more of a proof-of-concept—and a benign one at that. Instead of stealing your data or installing malicious software, it flashed a message. "You should not trust public kiosks with your smart phone. Information can be retrieved or downloaded without your consent," said a sign on the kiosk. "Luckily for you, this station has taken the ethical route and your data is safe. Enjoy the free charge!"

Batteries on laptops have also been cited as a potential attack vector. Also in 2011, security researcher Charlie Miller presented his case for targeting the battery microcontrollers in Apple laptops. Miller believes that the battery firmware could be rewritten to overheat and physically damage the laptop, or even be used as a vector to execute malicious code within the computer.

Thankfully, all of these arguments are being presented in an academic context. The Mactans researchers have reportedly contacted Apple with their work, though they have (unsurprisingly) yet to hear back. That said, you may want to rely on your own charging equipment. Just in case.

Image via Håkan Dahlström
