Apple patches Mactans, developers discuss how the attack works


Ever ask someone if you could borrow his or her charger? You may not want to. In an event held for press this afternoon at the BlackHat Conference, the researchers behind the Mactans iOS exploit highlighted how iPhones and iOS devices can be hacked through malicious chargers. The Mactans is a charger that looks normal on the surface but actually contains a computer that can replace your apps with Trojans.

With Mactans, if your phone is unlocked, even for a second, hackers can exploit your device. Through the attack, hackers remove your clean applications and replace them with fake versions that capture your information. On the surface, everything operates as normal, but through the Trojan apps, as soon as you run them hackers can gain remote access to control your phone.

“The attack itself is not an jailbreak” explains Billy Lau a research scientist at the Georgia Institute of Technology, who demonstrated the exploit. The attack stays on the app level of your iPhone leading people to believe that exploited devices may not be fully compromised, however, the apps can take screenshots remotely capturing passcodes and other sensitive information without needing access to the root operating system of the phone.

Unfortunately, malicious applications could become more common as anyone can apply to become an Apple app store developer, and create applications that on the surface (and to app store reviewers) look completely innocuous.

“All iPhone users are effected, “ Lau says. “The Trojan does not require the phone to be jailbroken. This can work on stock iOS from 6.1.4 and older.”

Apple has done a patch to attempt to guard against this after Lau and his colleagues Yeongjin Jang and Chengyu Song, showed what they could do to Apple itself. Through that patch, devices will let users know when they plug into a charger that is actually a computer like Mactans, not a regular charger. The attack, as demonstrated, took in all a few minutes.

photo 1-2

Image credit: Patrick Gray, Risky.Biz