Evil Never Sleeps: Chips in a Powered-Off iPhone May Contain Malware That Is Still Active

Four German security researchers have published the results of their study of the iPhone chips that always remain on, even when the smartphone is turned off. The latest models have three: Bluetooth for location, NFC for transport tickets and the U1 chip for car or house keys. The goal is to make it possible to find a lost iPhone even if it is turned off, or to use it on public transportation or to open a car even if its battery is discharged.

Even with a flat battery, your iPhone keeps a small power reserve to help you.

That is convenient, but these researchers analyzed the security of these components, which are constantly running, and the title of their article gives the general idea: “Evil never sleeps”. Evil never sleeps because malware may be installed on them and keep working even while the iPhone is turned off. There is no need to panic, however: these discoveries remain largely theoretical, because iOS plays a protective role. Only a jailbroken device can “contaminate” the Bluetooth chip and install malware on it, which significantly reduces the risk.

The research is still a useful reminder that a modern iPhone never really shuts down, and that this can be a problem for the most heavily targeted users, such as journalists or activists. Apple has not made it possible to disable these features completely, and because they are hardware-controlled, they cannot be disabled by software. Future versions may improve on this point with the ability to physically disconnect the battery, as other devices do for the microphone.

Another claim from the researchers: the firmware of the Bluetooth chip is not protected and can be modified relatively easily. A jailbreak is still required, since iOS is secure enough to block such attempts by default, but with one the underlying firmware can be changed to make it malicious. The researchers have published everything they found about how the chip works as designed by Apple, and they explain in detail in their article how changes can be applied. For example, one can imagine the smartphone's position being sent continuously to a third-party device, which would make it a very discreet tracking tool.

Only the Bluetooth chip can be attacked so “easily”, because the firmware of the other two chips, NFC and UWB, is protected. However, it is more than enough as an attack vector, especially since it has access to the iPhone's secure enclave, which is needed to retrieve information about the device's user if it is lost. The NFC chip also has access to the enclave, which stores the cards used on public transport as well as car or house keys, all of which must remain accessible even without battery power. Potentially, the data contained in this enclave could be threatened by this attack vector.

The message that appears on the latest iPhones under iOS 15 when they no longer have enough battery: they remain active for locating the device, for transport tickets and for keys stored in Maps.

Apple was informed of these findings in advance, but declined to comment. According to the security researchers, the company probably will not be able to do much for the iPhones currently in circulation, because the implementation of these features is primarily in hardware and fixing them in software will not be possible. In addition, the concrete risks remain limited, even if they are real in the context of targeted attacks, such as those carried out with Pegasus and other similar tools.

