{"id":4026,"date":"2013-08-05T08:04:07","date_gmt":"2013-08-05T16:04:07","guid":{"rendered":"https:\/\/www.zubairalexander.com\/stage\/?p=4026"},"modified":"2013-08-02T15:31:00","modified_gmt":"2013-08-02T23:31:00","slug":"how-to-hack-iphones-and-ipads-in-less-than-60-seconds","status":"publish","type":"post","link":"https:\/\/www.zubairalexander.com\/blog\/how-to-hack-iphones-and-ipads-in-less-than-60-seconds\/","title":{"rendered":"How to Hack iPhones and iPads in Less Than 60 Seconds"},"content":{"rendered":"<p>At the <a href=\"http:\/\/www.blackhat.com\/us-13\/\">Black Hat USA 2013<\/a> conference, three Georgia Tech hackers showed everyone how to hack iPhones and iPads  with malware imitating ordinary apps in less than 60 seconds using a  &#8220;malicious charger.&#8221; Here are some of the highlights of their revelation. For more details, check out the story by Violet Blue on <a href=\"http:\/\/www.zdnet.com\/researchers-reveal-how-to-hack-an-iphone-in-60-seconds-7000018822\/?s_cid=e036&amp;ttag=e036\">ZDNet<\/a>.<\/p>\n<blockquote><p>&#8220;Billy Lau, Yeongjin Jang and Chengyu Song showed how they made an  ordinary looking charger into a malicious vector for transmitting  malware using an open source <a href=\"http:\/\/beagleboard.org\/Products\/BeagleBoard\">BeagleBoard<\/a>, available for $125 (similar to a Raspberry Pi).<\/p>\n<p>For the demonstration, the researchers used an iPhone. They plugged  in the phone, and when the passcode was entered, the sign-code attack  began.<\/p>\n<p>For the demo, the Facebook app was used as an example.<\/p>\n<p>Within seconds of plugging in the charger, the Facebook app was  invisibly removed from the device and seamlessly replaced with a  Facebook app imitation with a malicious payload.<\/p>\n<p>The app&#8217;s icon was in the exact same spot as it was before the attack  &#8211; there is no way of knowing the application is not malware.<\/p>\n<p>The researchers said that all the user needs to do to start the  attack is enter their passcode &#8211; they pointed out that this is a pattern  of ordinary use, such as to check a message while the phone is  charging.<\/p>\n<p>Once the app was launched, the malware was launched and the phone was  compromised &#8211; and could do things such as take screenshots when other  passwords are entered, send a spoofed screen, and more.&#8221;<\/p><\/blockquote>\n<p>For the record, the researchers did not use root permission to attack. Apple has announced that they will fix this vulnerability in Fall. So until Fall this year hackers are going to have a good time.<\/p>\n<p>On a side note, a non-techie friend of mine was able to hack his own iPhone very easily. My immediate thought was, if he can hack his iPhone then anyone can.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>At the Black Hat USA 2013 conference, three Georgia Tech hackers showed everyone how to hack iPhones and iPads with malware imitating ordinary apps in less than 60 seconds using a &#8220;malicious charger.&#8221; Here are some of the highlights of their revelation. For more details, check out the story by Violet Blue on ZDNet. &#8220;Billy [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[9,7,24],"tags":[],"class_list":["post-4026","post","type-post","status-publish","format-standard","hentry","category-applemcintosh","category-news","category-security"],"aioseo_notices":[],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/www.zubairalexander.com\/blog\/wp-json\/wp\/v2\/posts\/4026","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.zubairalexander.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.zubairalexander.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.zubairalexander.com\/blog\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/www.zubairalexander.com\/blog\/wp-json\/wp\/v2\/comments?post=4026"}],"version-history":[{"count":0,"href":"https:\/\/www.zubairalexander.com\/blog\/wp-json\/wp\/v2\/posts\/4026\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.zubairalexander.com\/blog\/wp-json\/wp\/v2\/media?parent=4026"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.zubairalexander.com\/blog\/wp-json\/wp\/v2\/categories?post=4026"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.zubairalexander.com\/blog\/wp-json\/wp\/v2\/tags?post=4026"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}