Apple has encountered a wave of problems over the past month from fake chargers for their devices.
Last month there were reports of electrocution and now there are reports that data-stealing apps are being uploaded onto handsets from the bogus chargers.
A malicious code programmed into the chargers can upload a virus onto the devices plugged into them, compromising the iOS devices in as little as 60 seconds.
Apple’s pending update warns users to be sure they are using a trusted charging point when they plug in.
At the Black Hat cyber security conference in Las Vegas earlier this week, researchers from Georgia Tech’s Information Security Center demonstrated how the malicious chargers worked.
A three-square-inch BeagleBoard computer within the charger casing contained a fake iOS app with a Trojan virus that was uploaded to an iPhone 5.
The virus then steals data from the phone by taking screenshots and stimulating button touches before sending the data to a remote server.
The trio of researchers, Billy Lau, Yeongjin Jang, and Chengyu Song, also demonstrated how the virus-infected charger could delete the user’s Facebook app and reinstall an infected version in the same location on the user’s screen.
They also successfully forced the compromised handset to remotely dial one of their phones.
The hack only works with iOS devices; Android-powered gadgets are immune to the bogus chargers.
"Devices running Google’s Android operating system are not vulnerable to the same types of attack because they warn users if they plug devices into a computer, even one posing as a charging station," Lau told The Sydney Morning Herald.
Lau, Jang and Song gave some details about their attack in June, prompting Apple to prepare an update for devices running version seven of its iOS operating system.
The update is currently part of the beta release for iOS 7. The final version of iOS7 will be released in the Autumn. The update asks users if they are sure they can trust the device they are using to charge their phone or tablet.
Apple is also currently probing an electrocution report after a 23-year-old woman was killed in China by an eclectic shock from answering her iPhone 5 while it was charging.
Apple has since issued instructions on its Chinese website on how to identify fake chargers.
This article is from the CBROnline archive: some formatting and images may not be present.