Although it seems hard to believe, three researchers from the Georgia Institute of Technology claim that can infect any iDevice with malware using a simple loader. The terminals do not have to be jailbroken for that infected code to be injected into iOS, this representing the main problem of the entire system. The charger called Mactans was built using a BeagleBoard motherboard which, although it is too large to be hidden in a charger like the one in the picture, can be implemented in a dock, or even an external battery.
This hardware was selected to demonstrate the ease with which innocent-looking, malicious USB chargers can be constructed. While Mactans was built with [a] limited amount of time and a small budget, we also briefly consider what more motivated, well-funded adversaries could accomplish. We show how an attacker can hide their software in the same way Apple hides its own built-in applications.
The researchers claim that their creation can exploit including iOS 6.1.4 in less than a minute and the malware transferred to the terminals is difficult to discover, but of course everything assumes that the accessory is connected to the iPhone. Although they contacted Apple Lossless Audio CODEC (ALAC), Regarding the system for exploiting accessories, those from Cupertino have not yet provided an answer and probably will not provide it either, but they will find a method to block the vulnerabilities in a future version of iOS.
Such exploits are difficult to detect and will certainly appear in the future in other forms, but the need to connect an accessory to the iDevice for exploitation makes the whole process less dangerous.
