Oct 04, 2023 20:00:00

A malicious counterfeit product is found that pretends to be Apple's official iPhone HDMI adapter, requests location information and browsing data, and displays spam advertisements.

Apple sells a wired adapter '

Digital AV Adapter ' that outputs the iPhone screen to an external monitor. 404 Media, an overseas media outlet, reports that malicious counterfeit products are in circulation that are identical to Apple's genuine 'Digital AV Adapter' but request access to location information and photos when used.

I Tested an HDMI Adapter That Demands Your Location, Browsing Data, Photos, and Spams You with Ads
https://www.404media.co/i-tested-an-hdmi-adapter-that-demands-your-location-browsing-data-photos-and-spams-you-with-ads/

The Digital AV adapter is an adapter that allows you to connect a Lightning port-equipped device such as an iPhone or iPad to an external display via HDMI. There are many types of HDMI adapters for devices equipped with Lightning ports other than genuine Apple products, but according to 404 Media, some adapters have clearly unnecessary functions. .

404 Media obtained an

EZCast HDMI adapter as a 'problematic HDMI adapter' and pointed out the problems. In the photo below, the left side is Apple's Digital AV adapter, and the center and right side are EZCast's HDMI adapter. If you compare the two, you will see that they look quite similar.

Most HDMI adapters allow external output just by connecting a cable. However, if you connect the iPhone to an external display using an EZCast HDMI adapter, the screen cannot be output externally, and a QR code that allows you to access the official EZCast website will be displayed on the display.

When you read the QR code and access the official EZCast website, the following warning message will be displayed on your iPhone: `` Do you trust this computer? '' The message 'Do you trust this computer?' is displayed when you connect your iPhone to your PC, and it usually does not appear when you just connect an external display via HDMI.

404 Media tapped 'Trust' on the 'Trust this computer?' warning screen, which opened the App Store and displayed a distribution screen for a management app named 'EZCast.' It seems that you need to install the EZCast app to output video externally using the EZCast HDMI adapter.

If you check the information collected by the EZCast app, you will find that information that is not necessary for external video output such as 'location information', 'contact information', 'user content', 'browsing history', and 'ID' is collected, and information that is not necessary for external output of the video is collected. It was declared to be used for distribution.

404 Media actually installed the EZCast app and found that it accessed ``location information'', ``local network'', ``photos'', ``settings'', ``Bluetooth'', and ``camera'' under the guise of ``displaying region-specific advertisements.'' It is said that he was asked to. In addition, 404 Media reports that a notification stating that ``collected data is being sent to China'' was displayed, and advertisements were displayed every time various operations were performed.

John Bumstead , who provided the EZCast HDMI adapter to 404 Media, prefaced this by saying, ``There is no solid evidence that this device (EZCast HDMI adapter) is a predatory device.'' We are aware of instances where devices such as ``devices such as '' have been used as keyloggers. Such adapters are often brought behind security guards by users, who can access all information on devices connected to the adapter.'' , highlighting the dangers of adapters that behave atypically.