PHY-1 · Mobile Threat Catalogue

Mobile Threat Catalogue

Malicious charging station

Contribute

Threat Category: Physical Access

ID: PHY-1

Threat Description:

Threat Origin

MACTANS: Injecting Malware Into iOS Devices Via Malicious Chargers 1

Exploit Examples

Researchers Show How to Hack an iPhone in 60 Seconds 2

CVE Examples

Not Applicable

Possible Countermeasures

Mobile Device User

Avoid use of public charging stations, which may house malicious chargers.

Ensure Android USB debugging is disabled unless explicitly needed (e.g. by app developers).

Do not accept any prompt to trust an untrusted or public USB charger.

References

  1. B. Lau et al. , MACTANS: Injecting Malware Into iOS Devices Via Malicious Chargers, presented at BlackHat, 3-4 Aug. 2013. https://media.blackhat.com/us-13/US-13-Lau-Mactans-Injecting-Malware-into-iOS-Devices-via-Malicious-Chargers-WP.pdf [accessed 8/23/16]. 

  2. V. Blue, “Researchers Show How to Hack an iPhone in 60 Seconds”, ZDNet, 31 July 2013; www.zdnet.com/article/researchers-reveal-how-to-hack-an-iphone-in-60-seconds/ [accessed 8/25/2016] 

Privacy Policy | Security Notice | Accessibility Statement | Disclaimer | Send Feedback
Each organization is unique in its risk posture and cybersecurity needs. Mobile device users should consult with their organization’s security team before implementing mitigations or resolutions outlined on this website to avoid potential conflicts with their organization's processes or environments.