Tech

iPhone: alert, this malware works even when the smartphone is off!

You would think that once your iPhone is off, it is safe from malware. A team of researchers has just proved the opposite by exploiting the vulnerabilities of Lower Power Mode, the real state in which the iPhone is when it is supposed to be off, to infect the latter with malware.

iphone malware
Credits: Unsplash

You probably know this, but an iPhone is never really turned off – which also applies to Android smartphones, by the way. When you turn off an iPhone, it actually goes into “Low Power Mode” (LPM), a state that allows it to continue to run features such as Locate or contactless payment. In fact, it is therefore not impossible for malware to infect the phone in this situation.

This has been proven by a team of researchers in a recent study. It is not uncommon for cybersecurity experts to find new ways to install malware on our phones, of course for preventive purposes. At the start of the year, a team of researchers, for example, succeeded in making malware perfectly undetectable on Apple devices. Today, it would therefore seem that the low activity of the chip in LPM is sufficient to infect the iPhone.

It is possible to install malware on a turned off iPhone

To make this possible, researchers have discovered that the Bluetooth chip, which is essential for making Find My work, does not allow iOS data to be encrypted. This vulnerability can therefore be used to infect the device with malware capable of performing several actions even when the device is turned off. Also, it is possible to go through an over-the-air update to install it.

On the same subject — iPhone: malware infects new models for the first time in its history

“The current implementation of LPM on Apple iPhones is opaque and adds new threats”write the researchers. “Because LPM support is based on iPhone hardware, it cannot be removed with system updates. Thus, it has a lasting effect on the overall security model of iOS. » Additionally, its ability to run on a turned off iPhone makes the malware even harder to detect.

Nevertheless, it should be noted that this discovery has very few real implications in our daily lives. It is already relatively difficult to infect an iPhone with malware, the latter must first be jailbroken. But this possibility still presents risks, especially in scenarios similar to that of Pegasus, the malware that infected the iPhones of several European leaders.

Related Articles