Thursday, August 1, 2013

Published 4:59 AM by

Black Hat 2013: hack into the iPhone or iPad can be a Charger

Black Hat 2013: hack into the iPhone or iPad can be a Charger


     On started in Las Vegas Black Hat hacker conference in 2013 three independent researchers have presented a conceptual charger called Mactan, able to connect to multiple iOS-devices and receive highly privileged access to the data stored there, as well as establish visible and hidden applications that perform a variety of data, such as intercepting sms or email user. technicians from the University of Georgia in the United States, they say that their product is based on several underlying vulnerability, which, however, the characters for a variety of operating systems.

 In the case of Apple products is a bug in the way the OS handles the connection of peripheral devices, as well as real estate development opens up access to resources. As explained in the presentation, the attack starts at the moment when charging Mactan is connected to the device, and the device goes to work table. At the heart of Mactan is a microcomputer BeagleBoard, which has only a UBS-ataptery because to Apple devices it is connected through an adapter.

However, once the BeagleBoard "see" the device, it immediately starts to download these programs, while the device itself does not give the user any notifications. reported that a bug with downloading malicious software running on all supported iOS, including the current beta version of iOS 7.0. Mactan is able to obtain data on the Apple device UDID and use this information to log in to iOS in order to gain access to the digital wallet or passbook device.

Mactan Developers say that they have created new device can remotely monitor, control access to its applications and access to a virtually any user data. The authors also note that attack the iPhone and iPad can be for other scenarios, you can also install charging Mactan in public places, and massively infect your device. More investigators note that in many ways used are fundamental vulnerabilities and malicious code can be transferred to a PC or Mac OS X, to install via USB malware on computers.

      edit