Connect with us

Its123.com

Cryptocurrency Bitcoin Your iPhone Is Vulnerable to a Malware Attack Even When It’s Off


Crypto

Cryptocurrency Bitcoin Your iPhone Is Vulnerable to a Malware Attack Even When It’s Off

When you turn off an iPhone, it doesn’t fully power down. Chips inside the device continue to run in a low-power mode that makes it possible to locate lost or stolen devices using the Find My feature or use credit cards and car keys after the battery dies. Now researchers have devised a way to…

Cryptocurrency  Bitcoin Your iPhone Is Vulnerable to a Malware Attack Even When It’s Off

Cryptocurrency Bitcoin

When you turn off an iPhone, it doesn’t fully power down. Chips inside the device continue to run in a low-power mode that makes it possible to locate lost or stolen devices using the Find My feature or use credit cards and car keys after the battery dies. Now researchers have devised a way to abuse this always-on mechanism to run malware that remains active even when an iPhone appears to be powered down.

It turns out that the iPhone’s Bluetooth chip—which is key to making features like Find My work—has no mechanism for digitally signing or even encrypting the firmware it runs. Academics at Germany’s Technical University of Darmstadt figured out how to exploit this lack of hardening to run malicious firmware that allows the attacker to track the phone’s location or run new features when the device is turned off.

This video provides a high overview of some of the ways an attack can work.

Real Life. Real News. Real Action

Zillion Things Mobile!

Read More-Visit US

The research is the first—or at least among the first—to study the risk posed by chips running in low-power mode. Not to be confused with iOS’s low-power mode for conserving battery life, the low-power mode (LPM) in this research allows chips responsible for near-field communication, ultra wideband, and Bluetooth to run in a special mode that can remain on for 24 hours after a device is turned off.

“The current LPM implementation on Apple iPhones is opaque and adds new threats,” the researchers wrote in a paper published last week. “Since LPM support is based on the iPhone’s hardware, it cannot be removed with system updates. Thus, it has a long-lasting effect on the overall iOS security model. To the best of our knowledge, we are the first who looked into undocumented LPM features introduced in iOS 15 and uncover various issues.”

They added: “Design of LPM features seems to be mostly driven by functionality, without considering threats outside of the intended applications. Find My after power off turns shutdown iPhones into tracking devices by design, and the implementation within the Bluetooth firmware is not secured against manipulation.”

The findings have limited real-world value, since infections required first jailbreaking an iPhone, which in itself is a difficult task, particularly in an adversarial setting. Still, targeting the always-on feature in iOS could prove handy in post-exploit scenarios by malware such as Pegasus, the sophisticated smartphone exploit tool from Israel-based NSO Group, which governments worldwide routinely employ to spy

Subscribe to the newsletter news

We hate SPAM and promise to keep your email address safe

Continue Reading
You may also like...

Top News

News Report: WWE boss McMahon’s hush cash bill over $12 million – Business News – Castanet.net

World News

World News Report: WWE boss McMahon’s hush cash bill over $12 million – Business World News – Castanet.net

By July 15, 2022
News McMahon paid over $12M in hush cash – CP24 Toronto’s Breaking News

World News

World News McMahon paid over $12M in hush cash – CP24 Toronto’s Breaking World News

By July 15, 2022
News This UPS is built for your inner gamer and it’s on sale for Prime Day

World News

World News This UPS is built for your inner gamer and it’s on sale for Prime Day

By July 15, 2022
News It’s not true that everyone’s got a book in them: give writing back to the writers | Stephanie Merritt

World News

World News It’s not true that everyone’s got a book in them: give writing back to the writers | Stephanie Merritt

By July 15, 2022
News Behold the gameplay for Lord of the Rings: Gollum, precious

World News

World News Behold the gameplay for Lord of the Rings: Gollum, precious

By July 15, 2022

Popular Posts

News Report: WWE boss McMahon’s hush cash bill over $12 million – Business News – Castanet.net

World News

World News Report: WWE boss McMahon’s hush cash bill over $12 million – Business World News – Castanet.net

By July 15, 2022
News McMahon paid over $12M in hush cash – CP24 Toronto’s Breaking News

World News

World News McMahon paid over $12M in hush cash – CP24 Toronto’s Breaking World News

By July 15, 2022
News This UPS is built for your inner gamer and it’s on sale for Prime Day

World News

World News This UPS is built for your inner gamer and it’s on sale for Prime Day

By July 15, 2022
News It’s not true that everyone’s got a book in them: give writing back to the writers | Stephanie Merritt

World News

World News It’s not true that everyone’s got a book in them: give writing back to the writers | Stephanie Merritt

By July 15, 2022
News Behold the gameplay for Lord of the Rings: Gollum, precious

World News

World News Behold the gameplay for Lord of the Rings: Gollum, precious

By July 15, 2022
To Top