It appears that electrocution isn’t the only cause for worry when using an unofficial iPhone charger. Earlier this week, at the Black Hat cyber security conference in Las Vegas, researchers used a hacked iPhone 5 charger to break into the popular handset.
Using a three-square-inch BeagleBoard computer disguised as an iPhone charging station, the Georgia Tech researchers were able to plant a fake iOS app that contained a Trojan virus. Within one minute, an iPhone 5 plugged into the malicious charger would become infected.
“[The virus is] capable of taking screenshots, simulating button touches, and sending data to a remote server. The charger carefully deletes the user’s legitimate Facebook app and reinstalls the infected version, even placing it in the same location on the user’s screen,” said Forbes.Enjoying this article? Click here to subscribe for full access. Just $5 a month.
The team said that the setup cost only $45 and took a week to program. During the Black Hat demonstration, the Georgia Tech team successfully forced the compromised handset to remotely dial one of their phones.
One researcher pointed out that the hack only works with iOS devices – at the moment, Android-powered gadgets are safe from charger spoofing.
“Devices running Google's Android operating system are not vulnerable to the same types of attack because they warn users if they plug devices into a computer, even one posing as a charging station,” according to one of the researchers, Billy Lau, who was interviewed by The Sydney Morning Herald.
Lau continued: “After Apple's iOS 7 software update, a message will pop up to alert the user that they are connecting to a computer, not an ordinary charger.”
As far as real-world applications are concerned, the bugged chargers could allow criminals to take screen shots of login and payment information – including passwords and credit card numbers. Access to email and text messages would compromise a user’s privacy, and location-tracking tools would make a potential target easy to find.
"It can become a spying tool," said Lau.
Apple thanked the researchers for their insight into a potentially dangerous vulnerability to iOS users. A spokesperson for the tech giant told Reuters that the latest beta of the upcoming iOS 7 operating system has fixed the problem.
Until the update goes public, iPhone owners may want to avoid juicing up their handsets with suspicious-looking chargers.