Researchers from the Georgia Institute of Technology have created a “malicious charger” able to hack any iOS device simply by plugging it in.
The group constructed the device by examining Apple’s existing security before realising how the USB capabilities “can be leveraged to bypass these defence mechanisms.”
Once the charger, dubbed ‘Mactans,’ has been plugged in, it is able to install hidden malware onto iPhones and iPads, allowing for any number of exploits of users’ hardware and their data.
The researchers described how the device was built with a “limited amount of time and a small budget”, adding that they also considered “what more motivated, well-funded adversaries could accomplish.”
The Mactans uses a tiny computer named a BeagleBoard (it measures 75x75mm and costs only £30) to complete the exploit with the group reporting that “all users are affected, as our approach requires neither a jailbroken device nor user interaction.”
The report comes from the conference notes for Black Hat, a security conference taking place in late July. The proof-of-concept device will be displayed at the conference, with the team of three also detailing how “to ensure persistence of the resulting infection” by hiding malicious software “in the same way Apple hides its own built-in applications.”