According to a new report, it’s possible to load malware onto an iPhone even when it’s turned off.
The study conducted by researchers from the Technical University of Darmstadt in Germany revealed that a chip that enables Bluetooth can be exploited and hacked in order to install malware on the device without the user’s authorization – even if the phone is off.
This comes in light of the new iOS 15 update, which includes a feature that lets you locate an iPhone even when it’s turned off.
Apple claimed that this new feature will make users more secure as it allows them to find a lost or stolen phone, even when it is turned off.
However, because the chips remain on even when the iPhone is turned off, researchers warn that this could pose a new threat.
The feature is enabled because three wireless chips remain enabled – Bluetooth, Near Field Communication (NFC) and Ultra-wideband (UWB) – the newspaper notes.
This allows the phone to continue sending signals and is designed to help the owner find their phone if it is lost.
It’s something the document calls “Low Power Mode”, which is “different from power saving mode indicated by a yellow battery icon”.
Malware can be installed on your iPhone even when it’s turned off
The article – which was published last week and titled “Evil Never Sleeps: When Wireless Malware Stays On After Turning Off iPhones” – revealed that it was possible to install malware on the Bluetooth chip in the iPhone. iPhone.
At present, there is no evidence that this type of attack has ever been used.
The study also concludes that hackers would first have to hack and jailbreak the iPhone to be able to access and exploit the Bluetooth chip.
At present, there is no evidence that this type of attack has ever been used. is theoretical, with no evidence that this type of attack was used.
Despite this, the results raised significant privacy and data protection concerns.
“On modern iPhones, wireless chips can no longer be trusted to be turned off after shutdown. This poses a new threat model,” the newspaper warned.
“Previous work only considered that journalists are not immune to eavesdropping when they activate airplane mode in case their smartphones are compromised.
“[Low-Power Mode] is a relevant attack surface that must be considered by high-value targets such as journalists, or can be weaponized to create wireless malware running on turned off iPhones.”
The document notes that researchers disclosed these disclosed security issues to Apply, but the company has not heard back.
“Apple introduced the “Find My After Power Off” feature in early betas of iOS 15. We assumed this feature was implemented in the Bluetooth firmware – we were concerned about this as our team found several security issues in this firmware in the past,” Jiska Classen, one of the study’s lead researchers, told Euronews Next.
“After extensive analysis, we found that there are three wireless chips that support hold after power off: Bluetooth, NFC, and UWB. Bluetooth firmware is the least secure and can be changed.”
If there is malware on a smartphone, such as Pegasus, “[it] could not install malware running in the Bluetooth chip when the iPhone is turned off,” Classen explained.
Should we be worried?
“We assume that the average user is not targeted by such malware,” she added.
However, she notes that politicians or journalists, as well as their relatives, could be subject to these attacks, citing previous research by Citizen Lab, in which dozens of Al Jazeera journalists were hacked using software. spies.
“Apple has introduced hardware changes to support Bluetooth after power off since iPhone 11 – these hardware changes cannot be undone,” Classen said.
“Apple may add a physical power switch that disconnects the battery in future iPhones.”
“Broadcom, the maker of the Bluetooth chip, said it has support for verifying firmware signatures, and Apple may enable this feature in Bluetooth ROMs in future iPhones.”
Speaking to Euronews Next, Classen was keen to point out that they have only demonstrated the possibility that malware can be installed in Bluetooth chips – not that this is common practice.
“It’s hard to tell if malware attacks are increasing, as many attacks might go undetected,” she added.
“To our knowledge, this has not been used against real targets.”
Apple declined to comment when contacted by Euronews Next.