We all know that the iPhone has earned its good reputation in the consumer market because of its excellent quality. Even so, it is not fully immune to malware. And if you discover malware on your iPhone, you may think that turning the phone off will make the malware inactive.
However, this might not be the case. Researchers at the Technical University of Darmstadt have created a new kind of malware, and the scary thing about it is that it can function even when the iPhone is turned off.
A question may arise in your mind: how can malware function without any power? The answer is amazingly simple: phones these days are not completely turned off even when they are switched off.
How the malware works:
Most of us know that the iPhone has a Low Power Mode feature, which has shipped with every iPhone since 2018, to be specific from the iPhone Xs and XR onward. The malware takes advantage of this feature and works even when the phone is turned off.
Furthermore, since the iOS 15 update, iPhones are ‘locatable’ through Bluetooth even when switched off. Low Power Mode keeps the NFC, Bluetooth, and Ultra-Wideband chips enabled; they draw a small amount of power while the main processor is turned off.
So these chips run almost all the time, which makes the phone traceable through the “Find My” feature. Ultimately, this also keeps features such as Express Cards and Car Key functional.
The Bluetooth chip comes with its own firmware, which runs separately from the main processor. According to the researchers, this firmware is the fundamental part of the study, because it is completely unsigned and has no protection against modification.
From this it can be inferred that attackers can run Bluetooth malware on a turned-off iPhone. Apple’s NFC chip stores information such as Express Cards, Car Keys and Apple Pay. The UWB and Bluetooth chips are hardwired to secure the NFC chip.
So a hacker can access the Secure Element’s information by targeting the Bluetooth chip’s firmware. It gets worse, because Low Power Mode support is implemented at the hardware level, so the feature cannot be removed simply by updating the system. This also makes firmware-level hacks difficult to detect.
However, you can spot the malware, because it will drain more battery.
The best thing about this research:
The main point to note here is that the malware created in this research needs a jailbroken iPhone, so it will ultimately not affect regular iPhone users. Also, the researchers have shared this discovery with Apple, ensuring that future phones will be safe from such malware.