iPown is the next iPhone data-snatching security threat - Spear's Magazine

iPown is the next iPhone data-snatching security threat

iPown, a new gadget that looks just like an iPhone dock, automatically extracts data from your Apple devices

Wander into a hotel from New York to New Delhi and you’d be forgiven for thinking that you can relax for a few moments surrounded by Michelin-star chefs, infinity pools and 24 hour butler service. They’re great, but, unfortunately, they won’t help in the battle against the latest security threat.

iPown, a new gadget that looks just like an iPhone dock, automatically extracts data from your Apple devices and therefore makes you vulnerable at the precise point that you should be most relaxed. Created by Mathieu Renard of Sogeti, the trick works by hiding a $25 Raspberry Pi micro PC inside your hotel room iPhone dock so that when your iPhone is placed on it, the doctored dock copies all the handset data without asking for user authorization.

Read more: Being safe in cyber-space

The files are then stored on a memory card or retrieved remotely by Wifi and subsequently extracted using software such as iPhone Backup Extractor. This gives your enemies access to your text messages and addresses as well as user passwords for email accounts, online calendars and geolocation records; essentially, everything needed to bankrupt your business or kidnap your heir.

Pictured above: Various iPod and iPhone docks (none of which have been accused to being especially vulnerable to iPown, for the avoidance of doubt)

Robin Clifford of CLA Consulting believes the scam has serious implications for the wealthy. ‘We all store increasing amounts of sensitive information on our mobile phones which, belonging to HNWs, can have enormous value and, in the wrong hands, seriously jeopardise both business security and personal safety, not to mention disrupt life when having to re-secure potentially compromised networks.’

Read more: Michael Dell's tweeting daughter points up safety risks for the wealthy

But, says the former Royal Dragoon Guards officer, simple precautions can bring peace of mind. ‘It is easy to get paranoid in this climate of highly-publicised cyber crime, yet there is no doubt that HNW are particularly vulnerable. Reputable hotels do their best to ensure a safe and secure environment for their guests but electronic sweeps required to pick up this sort of thing are expensive and time limited and it takes no time at all to place one of these devices into a “swept” room.

‘We advise clients not to use hotel iPhone docking stations but to charge their iPhones and other devices using their own leads. Keeping playlists on an iPod that can be played through the dock will also allow continued musical enjoyment but without the security risk.’

Read more from Talking Points

Don't miss out on the best of Spear's articles – sign up to the Spear's weekly newsletter