The team plans to demonstrate its findings at the Black Hat computer security conference, which begins July 27 in Las Vegas. In a preview of its presentation, the team acknowledges Apple’s “plethora of defense mechanisms in iOS.” Historically, Mac users have been able to boast of being largely malware free, in part because spammers, scammers and hackers preferred to target the larger number of Windows computers in the world.
On its mobile iOS operating system, Apple has created a “closed garden” environment in which everything from apps to accessories has to be approved by Apple, as opposed to Google’s more wide-open Android system. But by attacking in a nontraditional way, the team of Billy Lau, Yeongjin Jang and Chengyu Song say, those defenses can be bypassed.
“(W)e investigated the extent to which security threats were considered when performing everyday activities such as charging a device,” they wrote. “The results were alarming: despite the plethora of defense mechanisms in iOS, we successfully injected arbitrary software into current-generation Apple devices running the latest operating system (OS) software.