It is possible for an attacker to access data stored on an iPhone, deploy malware, or even see what’s happening on the screen in real-time by simply connecting it to a trusted laptop.
Trustjacking is the method used and it comes down to how the iPhone handles permissions after being connected to a laptop or PC.
Trustjacking allows an attacker to gain a more continuous and persistent hold of the device and retain the same abilities long after the device has been disconnected from the malicious hardware. To understand how this works, we first need to explain iTunes Wi-Fi sync.
When plugging the iPhone into the USB port of a computer, owners are prompted to choose whether they want to trust the device to grant permission to read data stored on the device. But granting access to the iPhone and then disconnecting the handset doesn’t guarantee that you’re secure, as enabling iTunes Wi-Fi sync makes it possible for an attacker to access your phone remotely.
Anyone exploiting the issue could be able to access photos, messages, and emails or to even create a full back up of the iPhone without even touching it, said Symantec senior vice president of modern operating system security Adi Sharabani, who discovered the problem by mistake.
Sharabani was working with Roy Iarchy, the modern operating system research team leader, when Iarchy noticed an issue.
“Roy was doing research and he connected his own iPhone to his own computer to access it,” Sharabani said in a published report. “But accidentally he realized that he was not actually connected to his own phone. He was connected to one of his team members’ phones who had connected their mobile device to Roy’s desktop a few weeks before. So, Roy started to dig into what exactly he could do and find out if he were an attacker.”
Symantec has already alerted Apple of the bug, but the company only added an extra step to require the passcode when trusting the computer, without actually addressing the problem.
“While we appreciate the mitigation that Apple has taken, we’d like to highlight that it does not address Trustjacking in a holistic manner. Once the user has chosen to trust the compromised computer, the rest of the exploit continues to work as described above,” Iarchy said in a post.
“The best way to ensure that no unwanted computers are being trusted by your iOS device is to clean the trusted computers list by going to Settings > General > Reset > Reset Location & Privacy, now you will need to re-authorize all previously connected computers next time you are connecting your iOS device to each device,” Iarchy said.