FORT MYERS, Fla. - When you plug your iPhone into a charger, is electricity the only thing going into your device? One group of researchers found it can also inject malicious software. They were able to use it to hack into a phone, inexpensively and in less than a minute.
Billy Lau, Yeongjin Jang and Chengyu Song say they successfully injected malware into Apple devices by creating a malicious charger on limited time and a small budget. They'll demonstrate how an iOS device can be compromised within one minute of being plugged into a malicious charger. At this month's Black Hat USA security conference in Las Vegas. They've informed Apple of their findings.
"I didn't even think about it," iPhone user Jason Gallini said. "Now, I'm a little concerned because I have all my banking stuff on my phone."
"I never really thought there'd be enough room for something in there," iPhone user Joel Ascol said. "It kind of intrigues me."
While intrigued, Ascol isn't extremely concerned. "They're aware of it," he said. "They're going to fix it. They always do."
Rob Mason, owner of Rob the Phone Doctor in Fort Myers says this will likely encourage phone makers to take a second look at security.
"You can set precedent to the actual cube power source, besides giving power to drop a note into the phone, drop an app, drop a malicious software," Mason said. "They're by kilobytes so they are very small. They can drop in."
While cheap clones of iPhone chargers may seem like a steal, Mason said, "They ruin the charger port, they ruin the battery, they ruin the power supply."
And, you don't know who handled them before you. Mason says the safest bet is to buy straight from the manufacturer.
"Pay a little bit more, have a little less anxiety in the night," Mason said.
In the meantime, Mason said one of the biggest security threats for iPhone users lies in their inboxes. He advices users to not open e-mails from people they don't know. And, if you get a message from a familiar name, double-check the e-mail address before clicking any links.