Do you plug in your iPhone into someone else’s laptop for a quick charge? If yes, you might be at the risk of ‘trustjacking’ where your device could be hacked remotely.
This new vulnerability called trustjacking exploits a convenient WiFi feature, which allows iOS device owners to manage their devices and access data, even when they are not in the same location anymore.
How does Trustjacking works?
When iPhone users plug into the USB port on someone else’s computer, iOS asks them whether the computer can be trusted or not. It also prompts that the computer will gain access to their data on granting permission.
Upon granting the permission, the user allows the computer to communicate with the iOS device through iTunes Wi-Fi Sync feature. While this feature is quite helpful but the researchers at Symantec say that it leaves your phone open to the trusted computer.
This computer can be used to access photos, messages, any sensitive data, add malicious apps or even perform administrative tasks without seeking any further authorization from the iPhone owner. Hence the name “trustjacking.”
It is notable that while the initial setup requires connecting a device physically through the USB cable, the phone can be accessed even after disconnecting it with no notifications to the iPhone owners.
So how to stop Trustjacking?
As there is no way of deauthorizing one laptop after giving access, you will have to revoke access to all the authorized laptops. Just go to Settings, tap on General and find Reset option. Select Reset Location & Privacy option and enter your passcode to deauthorize all devices at once.