You’re waiting at the airport and topping up your iPhone at a public USB charging station. What if that innocent little plug was hacking into your iPhone and installing malicious software? Billy Lau, a research scientist at Georgia Institute of Technology, told attendees at the Black Hat security conference in Las Vegas that it’s possible, though there’s no evidence that anyone has actually tried to create an evil USB plug.
Lau told the conference that while no “arbitrary person” can install an application onto your iPhone, a “Mactans”—a tiny computer housed inside a charging station—can work around Apple’s safeguards. “[This] challenges the very fundamental security assumptions that people make,” Lau had told attendees. “The attack is automatic; simply connecting the device is enough. It’s stealthy. Even if the user looks at the screen there’s no visible sign. And it can install malicious apps on the target device.”