Just using a $39 device it is possible to defeat new iOS USB Restricted Mode

Once USB Restricted Mode is enabled on a device, no data communications occur over the Lightning port, but experts found a way to reset the countdown timer.

Apple recently released iOS 11.4.1, which introduced a new security feature, dubbed USB Restricted Mode, designed to protect devices against USB accessories used by forensics experts and law enforcement agencies to analyze iPhones or iPads.

USB Restricted Mode was implemented in the latest beta versions of the iOS operating system. It disables the data connection of the iPhone’s Lightning port after a specific interval of time, but it doesn’t interrupt the charging process.

Forensics hardware such as that manufactured by Cellebrite and Grayshift will not be able to attempt brute-force attacks via the Lightning port.

While Apple proudly announced its new feature, experts from ElcomSoft have found a way to reset the countdown timer of USB Restricted Mode and bypass the defense mechanism.

The researchers discovered that directly connecting a USB accessory to the iOS device within an hour after it was last unlocked resets the 1-hour countdown.

Apple’s cheap $39 Lightning to USB 3 Camera Adapter could be used to bypass the security feature. The experts also discovered that it is possible to bypass USB Restricted Mode by using untrusted Lightning accessories, or those that have not been paired with the iPhone before.

“What we discovered is that iOS will reset the USB Restrictive Mode countdown timer even if one connects the iPhone to an untrusted USB accessory, one that has never been paired to the iPhone before (well, in fact the accessories do not require pairing at all),” reads the post published by ElcomSoft.

“In other words, once the police officer seizes an iPhone, he or she would need to immediately connect that iPhone to a compatible USB accessory to prevent USB Restricted Mode lock after one hour. Importantly, this only helps if the iPhone has still not entered USB Restricted Mode.”

ElcomSoft researchers are also testing unofficial, cheap Lightning to USB adapters to bypass the security measure.

According to the experts, the issue could be easily fixed by Apple; it is probably nothing more than an oversight.

The new feature can be enabled from Settings > Face ID (or Touch ID) & Passcode > USB Accessories, by leaving the toggle disabled.

In case you need to immediately activate the feature on the iOS device before the countdown timer ends, just press the Power button five times.

Pierluigi Paganini

(Security Affairs – Apple, USB restricted mode)
