Internet-Security.com TCP port 62078 details

TCP port 62078 is used by Apple’s Lockdown (lockdownd) service on iOS devices for pairing and device services.
iTunes/Finder on macOS and the Apple Mobile Device Service on Windows connect to this port (via usbmuxd) to sync, back up/restore, and install apps.
Xcode and Apple Configurator use the same channel, and third‑party tools built on libimobiledevice (e.g., idevicepair, ideviceinfo, ifuse) talk to 62078 for device management.
When iTunes Wi‑Fi Sync or wireless debugging is enabled, iPhones/iPads expose 62078 on their Wi‑Fi IP so the same operations can occur over the LAN.
Mobile forensics products such as Cellebrite UFED and Elcomsoft iOS Forensic Toolkit leverage the lockdown/usbmux protocol on 62078 to acquire data from paired devices.
Associated exploitation: the Trustjacking attack (2018) abused Wi‑Fi Sync and stolen pairing records to gain persistent remote access over 62078 without further user prompts; the WireLurker malware (2014) used the lockdown/usbmux channel to install malicious apps on connected iOS devices.

TCP 62078