Threat Category: Physical Access
Threat Description: Malicious charging stations can be present in any public location. The adversary oprating the charging station could run exploits or attempt to install malware over the device connection.
MACTANS: Injecting Malware Into iOS Devices Via Malicious Chargers 1
Researchers Show How to Hack an iPhone in 60 Seconds 2
Avoid use of public charging stations, which may house malicious chargers.
Ensure Android USB debugging is disabled unless explicitly needed (e.g. by app developers).
Do not accept any prompt to trust an untrusted or public USB charger.
B. Lau et al. , MACTANS: Injecting Malware Into iOS Devices Via Malicious Chargers, presented at BlackHat, 3-4 Aug. 2013. https://macsecurity.net/view/50-mactans-injecting-malware-into-ios-devices-via-malicious-chargers [accessed 7/27/22]. ↩
V. Blue, “Researchers Show How to Hack an iPhone in 60 Seconds”, ZDNet, 31 July 2013; www.zdnet.com/article/researchers-reveal-how-to-hack-an-iphone-in-60-seconds/ [accessed 8/25/2016] ↩