Your iPhone Is Vulnerable to a Malware Attack Even When It’s Off

When you turn off an iPhone, it doesn’t fully power down. Chips inside the device continue to run in a low-power mode that makes it possible to locate lost or stolen devices using the Find My feature or use credit cards and car keys after the battery dies. Now researchers have devised a way to abuse this always-on mechanism to run malware that remains active even when an iPhone appears to be powered down.

It turns out that the iPhone’s Bluetooth chip—which is key to making features like Find My work—has no mechanism for digitally signing or even encrypting the firmware it runs. Academics at Germany’s Technical University of Darmstadt figured out how to exploit this lack of hardening to run malicious firmware that allows the attacker to track the phone’s location or run new features when the device is turned off.

This video provides a high-level overview of some of the ways an attack can work.

The research is the first—or at least among the first—to study the risk posed by chips running in low-power mode. Not to be confused with iOS’s low-power mode for conserving battery life, the low-power mode (LPM) in this research allows chips responsible for near-field communication, ultra wideband, and Bluetooth to run in a special mode that can remain on for 24 hours after a device is turned off.

“The current LPM implementation on Apple iPhones is opaque and adds new threats,” the researchers wrote in a paper published last week. “Since LPM support is based on the iPhone’s hardware, it cannot be removed with system updates. Thus, it has a long-lasting effect on the overall iOS security model. To the best of our knowledge, we are the first who looked into undocumented LPM features introduced in iOS 15 and uncover various issues.”

They added: “Design of LPM features seems to be mostly driven by functionality, without considering threats outside of the intended applications. Find My after power off turns shutdown iPhones into tracking devices by design, and the implementation within the Bluetooth firmware is not secured against manipulation.”

The findings have limited real-world value, since infections required first jailbreaking an iPhone, which in itself is a difficult task, particularly in an adversarial setting. Still, targeting the always-on feature in iOS could prove handy in post-exploit scenarios by malware such as Pegasus, the sophisticated smartphone exploit tool from Israel-based NSO Group, which governments worldwide routinely employ to spy on adversaries.
