Cybersecurity researchers have found a way to run malware on Apple’s iPhone even when the device is powered off.
A report published by the Technische Universität Darmstadt in Germany details exploits that use the iPhone’s Low Power Mode (LPM) to track location and perform various malware attacks.
With LPM, certain smartphone functions such as Bluetooth, Near Field Communication (NFC), and Ultra Wideband keep working even when the device is turned off or the battery is dead.
When your iPhone shuts down, these components keep running 24/7 rather than turning off completely. The idea is to be able to use the wallet and keys on the device even if the battery runs out.
Functionality and security
The problem with such systems is that the firmware that the Bluetooth chip runs cannot be digitally signed or encrypted.
“The current LPM implementation on the Apple iPhone is opaque and adds a new threat. LPM support is based on the iPhone hardware and cannot be removed with a system update. Therefore, it has long-term implications across the iOS security model. As far as we know, we are the first to investigate the undocumented LPM features introduced in iOS 15 and discover various issues,” the report says.
“The design of the LPM feature seems to be driven primarily by the feature, without considering threats other than the intended application.” Find My after power off “turns a shut down iPhone into a tracking device by design. The implementation in the Bluetooth firmware is not protected against operation.”
Thankfully, the attacker must first jailbreak the iPhone, which is a feat in itself, so exploiting the flaw is not readily feasible.
However, in rare cases of successful attacks, it is almost impossible to detect compromised firmware, allowing intruders to operate more stealthily.
Apple has been notified of the findings, but has not yet responded to the disclosure, according to researchers. TechRadar Pro has also asked the company to comment.
via Ars Technica