A group of three researchers have demonstrated how a malicious charger can be used to hack an iPhone or iPad in under 60 seconds.

iPhone Hacked Malicious Mactans Charger
Researchers Billy Lau, Yeongjin Jang and Chengyu Song demonstrate their malicious charger hacking an iPhone in under 60 seconds. (Credit: ZDNet)

The demonstration, which will be a worry to all iPhone and iPad users, was carried out in Las Vegas at the annual Black Hat convention where 7,000 hackers and security experts are gathered to hear about the latest hacking techniques.

Billy Lau, a research scientist at the Georgia Institute of Technology, and graduate students Yeongjin Jang and Chengyu Song had previously signalled their intent to show how a malicious charger could be used to infect one of Apple's devices with malware, but until this week refused to give details of how the device worked.

During the demonstration the researchers revealed that the charger is in fact a micro-computer which uses an open source BeagleBoard running Linux software, which is very similar to the Raspberry Pi micro-computer made here in the UK. Indeed the researchers agreed that a Raspberry Pi could be used to make the malicious charger instead of the BeagleBoard.

The charger could be made to look like a typical Apple charger, meaning those looking to infect iPhones and iPads could leave them lying around in public charging zones to trick unsuspecting members oft eh public.

Facebook app

In the demonstration in Las Vegas, the researchers used the Facebook app as an example of an software that could be compromised.

Once the charger is plugged in and the user inputs their PIN code, the charger silently and invisibly removes the target app, in this case the official Facebook app. It then replaces it - in exactly the same position on your iPhone/iPad homescreen - with what looks like a perfect replacement.

In actual fact this is malware and once you launch it, your phone/tablet has been compromised. This malware could be used to capture passwords, take screenshots, access your contacts, messages and phone calls, or even make premium rate calls.

Physical weakness

The attack works on physical weaknesses in iOS devices and all current versions of iOS are vulnerable, except for the beta version of iOS 7 which is currently being tested by developers.

Apple has issued a response to the revelations, saying it will fix the vulnerability in the iOS 7 release which is scheduled for some time this autumn.

"We would like to thank the researchers for their valuable input," Apple spokesman Tom Neumayr said. However until iOS 7 is released all iPhones and iPads are vulnerable to this type of attack.

Adversaries

The malicious charger has been dubbed Mactans, in reference to the virulent and pernicious Southern black widow spider (Latrodectus mactans).

The researchers pointed out that they built the charger without huge resources and warned others won't be so hamstrung: "Mactans was built with [a] limited amount of time and a small budget, we also briefly consider what more motivated, well-funded adversaries could accomplish."