iPhone is a line of smartphones designed and marketed by Apple Inc. The iOS mobile operating system is used by these devices.
On January 9, 2007, then-Apple CEO Steve Jobs announced the first-generation iPhone. Since then, Apple has released new iPhone models and iOS updates on an annual basis. More than 2.2 billion iPhones had been sold as of November 1, 2018.
Researchers at Germany’s Technical University of Darmstadt discovered that your iPhone may be vulnerable to attacks even while turned off.
Most wireless chips, such as Bluetooth, Near Field Communication (NFC), and Ultra-wideband (UWB), continue to operate for up to 24 hours after the iPhone has been turned off.
This way, the phone can still be found using the Find My network, and items like credit cards, student passes, and digital keys can still be accessed.
These wireless chips have direct access to the secure element, which could be used to install malware on the iPhone even when iOS is turned off.
The wireless chips operate in Low-Power Mode (LPM), not the energy-saving mode that extends battery life. Because LPM support is built into the hardware, this issue cannot be solved with software.
Researchers examined the security of the LPM features introduced with iOS 15 and discovered that Bluetooth LPM firmware can be modified to run malware on the iPhone. These flaws have not previously been investigated and may allow hackers with system-level access to track someone’s location or install new features on a phone.
The problem appears to stem from the fact that LPM features were designed primarily for functionality, with little consideration given to potential threats outside of the intended applications.
Most iPhone users are unaffected, according to Ars Technica, because infections require a jailbroken iPhone. In the event that bad actors discover flaws that are vulnerable to over-the-air exploits, the security hole could be exploited by spyware like Pegasus to target people and even infect chips.
Apple was informed of the findings, and the company read the paper but did not provide any feedback.