A new report has shown that iPhones are vulnerable to malware attacks even when they are turned off.
wired A recent study by researchers at the Technical University of Darmstadt in Germany reported that iPhone devices are vulnerable to malware attacks even when they are turned off. When you turn off your iPhone, the chips inside the device are still in low power mode, allowing you to locate your lost or stolen device using the Find My app.
Now researchers have developed a way to run malware on iPhones even when the devices appear to be turned off. The Bluetooth chip in all iPhones is not capable of digitally signing or encrypting the firmware it runs, researchers have now developed a way to exploit the chip’s lack of security and run malicious firmware that allows researchers to track location or trigger the iPhone. New features. .
In a recent paper, researchers examined the risk associated with chips operating in low-power mode, which allows the chips responsible for NFC, ultra-wideband, and Bluetooth to operate for more than 24 hours after turning off a device. was killed.
The researchers said: “The current implementation of LPM on the Apple iPhone is unclear and adds new threats. Because LPM support is based on iPhone hardware, it cannot be removed with system updates. As such, it has a lasting impact on the overall iOS security model. As far as we know, we were the first to look at the undocumented features of LPM introduced in iOS 15 and investigate various issues.”
The researchers added: “The design of the LPM features appears to be primarily functionality-oriented, regardless of threats outside of the intended applications. Find My enables iPhones’ tracking devices to shut down, and the implementation of the Bluetooth firmware is not tamper-proof.”
Read more wired here.
Source: Breitbart
