Because the iPhone's Find My feature keeps the Bluetooth chip running after the phone is powered off, malware planted in that chip can keep running too, even while the phone appears to be off.
Academic researchers from the Secure Mobile Networking Lab (SEEMOO) at the Technical University of Darmstadt have shown how malicious code loaded onto an iPhone's Bluetooth chip stays active after the user switches the phone off.
The researchers will present their findings at the ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 2022).
How does the Attack work?
The attack presupposes that the attacker already has privileged access to iOS (the researchers work from an already compromised, jailbroken phone). From there, the malicious code is loaded into the firmware of the Bluetooth chip, whose firmware is not cryptographically signed. Since iOS 15, the Bluetooth, Near-field Communication (NFC) and Ultra-Wideband (UWB) chips remain powered in Low Power Mode (LPM) after the user shuts the phone down, or after the battery runs out, so the modified firmware keeps executing while the rest of the phone is off.
Keeping those three chips powered is what lets Find My (over Bluetooth) and Express Card transactions (over NFC) keep working on a switched-off phone, but it also keeps them wired to sensitive hardware: the UWB chip (present on the iPhone 11, 12 and 13) and the Bluetooth chip are hardwired to the Secure Element inside the NFC chip, which holds secrets that must stay available in LPM. Malware running on either chip therefore sits on a direct hardware path to those secrets.
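One practical check a reader can make is whether a powered-off iPhone is still beaconing for Find My. The Python below is an added example, not code from the SEEMOO paper or from Apple: it encodes and decodes the Find My offline-finding advertisement that the Bluetooth chip keeps broadcasting in LPM, so frames captured with any BLE sniffer can be recognised offline. The frame layout follows the format publicly documented by the OpenHaystack project (also from SEEMOO); the sample key bytes and the function names are constructed for illustration.

```python
"""Recognise and decode an Apple Find My (offline finding) BLE advertisement.

Added example, not code from the SEEMOO paper or from Apple.  Layout, as
publicly documented by OpenHaystack: an Apple manufacturer-specific AD
structure of type 0x12 carries 22 bytes of the 28-byte P-224 public key; the
first six key bytes travel in the advertiser's random static BLE address,
whose top two bits are forced to 1 and are re-supplied by a trailing byte.
"""

APPLE_COMPANY_ID = 0x004C        # Apple's Bluetooth SIG company identifier
OFFLINE_FINDING_TYPE = 0x12      # Apple sub-type for Find My offline finding
OFFLINE_FINDING_LEN = 0x19       # 25 payload bytes follow the type/len pair


def build_find_my_frame(pubkey, status=0):
    """Return (ble_address, adv_data) an iPhone broadcasts for this key."""
    if len(pubkey) != 28:
        raise ValueError("expected a 28-byte P-224 public key")
    # Random static address: first 6 key bytes, top two bits of byte 0 set.
    addr = bytes([pubkey[0] | 0xC0]) + pubkey[1:6]
    payload = (
        bytes([status])             # status/battery byte
        + pubkey[6:28]              # 22 key bytes carried in the payload
        + bytes([pubkey[0] >> 6])   # the two key bits hidden by the address flags
        + b"\x00"                   # hint byte
    )
    manuf = (APPLE_COMPANY_ID.to_bytes(2, "little")
             + bytes([OFFLINE_FINDING_TYPE, OFFLINE_FINDING_LEN]) + payload)
    # AD structure: length byte, AD type 0xFF (manufacturer specific), body.
    adv = bytes([len(manuf) + 1, 0xFF]) + manuf
    return addr, adv


def parse_find_my_frame(addr, adv):
    """Return {'status', 'pubkey'} if `adv` is an offline-finding frame, else None.

    Walks every AD structure, so frames that carry other AD types before the
    manufacturer data are handled too; malformed or truncated input yields None.
    """
    i = 0
    while i < len(adv):
        ad_len = adv[i]
        if ad_len == 0 or i + 1 + ad_len > len(adv):
            return None                         # zero-length or truncated structure
        ad_type = adv[i + 1]
        body = adv[i + 2:i + 1 + ad_len]
        i += 1 + ad_len
        if ad_type != 0xFF or len(body) < 4:
            continue
        if int.from_bytes(body[:2], "little") != APPLE_COMPANY_ID:
            continue
        if body[2] != OFFLINE_FINDING_TYPE or body[3] != OFFLINE_FINDING_LEN:
            continue
        payload = body[4:]
        if len(payload) != OFFLINE_FINDING_LEN or len(addr) != 6:
            return None
        status = payload[0]
        key_tail = payload[1:23]
        top_bits = payload[23] & 0x03
        # Undo the address flag bits using the two bits sent in the payload.
        first = (addr[0] & 0x3F) | (top_bits << 6)
        pubkey = bytes([first]) + addr[1:6] + key_tail
        return {"status": status, "pubkey": pubkey}
    return None


# Constructed sample key (not a real device key); byte 0 has top bits 0b10 so
# the address-flag round trip is actually exercised.
EXAMPLE_PUBKEY = bytes([0x95]) + bytes(range(1, 28))

# Constructed non-Find-My advertisement: Flags + Complete Local Name "Test".
NON_FIND_MY_ADV = bytes([0x02, 0x01, 0x06, 0x05, 0x09]) + b"Test"

if __name__ == "__main__":
    a, d = build_find_my_frame(EXAMPLE_PUBKEY, status=0x10)
    print("address:", a.hex(), "adv:", d.hex())
    print("decoded:", parse_find_my_frame(a, d))
    print("other frame:", parse_find_my_frame(b"\x00" * 6, NON_FIND_MY_ADV))
```

Feed `parse_find_my_frame` the advertiser address and raw advertising data of each frame your sniffer captures; a powered-off iPhone that is still in LPM will keep producing frames that decode to a key, with the address and key rotating on the schedule Find My uses.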
“Since LPM support is implemented in hardware, it cannot be removed by