Mactans: Malware-Laced Chargers That Can Hack iPhones

Mactans, a charger that could install malware to iPhones

A group of researchers from Georgia Institute of Technology has discovered a method of hacking the iPhone that does not use phishing links, but actual hardware. They have produced malware-equipped chargers called Mactans, named after the scientific name of the black widow spider, that automatically install malicious software onto iPhones when plugged in.

The Mactans chargers do actually charge the iPhone, but they contain tiny computers instead of the usual transformers found in other chargers. Instead of just the iPhone’s battery getting juiced, the smartphone also responds to USB commands, since it treats the Mactans just like any other computer.

Researchers have found that the iPhone trusts USB-attached computers way too much. The Mactans starts its attack once the iPhone is unlocked even for a split second, and it does so without the need to jailbreak.

Instead, Mactans is able to hack into the iPhone by exploiting Apple’s system of allowing developers to deploy apps to their own devices for testing purposes. Deploying such apps requires the creation of a provisioning profile, which identifies a specific device and a specific application, allowing the app to run on the smartphone. Apple generates these provisioning profiles, which are installed through USB.

Once plugged in, the Mactans commands the iPhone to report its unique ID number, or UDID. The charger then sends the UDID to Apple’s Web page to generate a provisioning profile. Once it receives the provisioning profile, the Mactans deploys it on the iPhone, followed by the malware identified by the provisioning profile.

Because the malware remains sandboxed, it does not have to go through Apple’s usual app vetting process, allowing the software to carry out many malicious actions, such as taking screenshots whenever the user types in a password or dialing numbers by itself.

This method of attack, however, comes with limitations. For instance, generating a provisioning profile requires the attacker to have a valid Apple developer account. Each account can generate such profiles for only up to 100 different iPhones, limiting the attack to just 100 users instead of a widespread and indiscriminate effect.
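Because the attack depends on a provisioning profile that names the victim's UDID, a defender can audit the profiles collected from a device for that pattern. The sketch below is an added example, not code from the researchers or from this article; it assumes the profile blobs have already been collected, relies on the standard profile keys TeamIdentifier, ProvisionedDevices and Entitlements, does not verify the CMS signature, and uses constructed sample profiles, UDIDs and team IDs.

```python
import plistlib

PLIST_END = b"</plist>"

def extract_profile_plist(blob: bytes) -> dict:
    """Return the XML plist embedded in a CMS-wrapped provisioning profile.
    The CMS signature is NOT verified here; this only reads the payload."""
    start, end = blob.find(b"<?xml"), blob.rfind(PLIST_END)
    if start == -1 or end < start:
        raise ValueError("no embedded plist found")
    return plistlib.loads(blob[start:end + len(PLIST_END)])

def audit_profile(blob: bytes, device_udid: str, trusted_teams: set) -> list:
    """Flag the traits a Mactans-style profile would show on this device."""
    profile = extract_profile_plist(blob)
    findings = []
    if not set(profile.get("TeamIdentifier", [])) & trusted_teams:
        findings.append("untrusted-team")       # issuer is not one we expect
    if device_udid in profile.get("ProvisionedDevices", []):
        findings.append("lists-this-device")    # profile was made for this UDID
    if profile.get("Entitlements", {}).get("get-task-allow"):
        findings.append("development-signed")   # development, not App Store
    return findings

def make_sample(team: str, udids: list, dev: bool) -> bytes:
    """Build a CONSTRUCTED profile blob: fake CMS bytes around a real plist."""
    payload = plistlib.dumps({
        "Name": "constructed sample",
        "TeamIdentifier": [team],
        "ProvisionedDevices": udids,
        "Entitlements": {"get-task-allow": dev},
    })
    return b"\x30\x82FAKE-CMS" + payload + b"FAKE-SIGNATURE"

# Constructed values, not real identifiers.
DEVICE_UDID = "0" * 40
TRUSTED_TEAMS = {"TRUSTED001"}
SUSPECT = make_sample("UNKNOWN999", [DEVICE_UDID], True)
BENIGN = make_sample("TRUSTED001", ["1" * 40], False)

if __name__ == "__main__":
    for label, blob in (("suspect", SUSPECT), ("benign", BENIGN)):
        print(label, audit_profile(blob, DEVICE_UDID, TRUSTED_TEAMS))
```

A profile that raises all three findings on a device whose owner never enrolled it for development is worth investigating.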

iOS 7 update to prevent potential Mactans attack

These findings have been sent to Apple, which responded by making the iPhone a bit more suspicious about USB connections. It launched an update in iOS 7 that prompts users the first time they plug a specific USB device into the iPhone. The prompt window asks whether they want to trust the currently connected computer. If the prompt appears when you have plugged in a charger rather than a computer, chances are you have plugged in a Mactans-like device.

Source: Ars Technica
