Hackers Could Track Your iPhone Even When It’s Off

Hackers Could Track Your iPhone Even When It’s Off

30. May 2022 0 By Horst Buchwald

Hackers Could Track Your iPhone Even When It’s Off

But it’s not likely that they will

 

Even shutting down your iPhone might not keep it safe from hackers, but experts say most people don’t have much to worry about.

 

Researchers at Germany’s Technical University of Darmstadt have found that iPhones can be vulnerable to security threats even when powered off. Wireless chips, including Bluetooth, run using low power mode when the power is off. Malicious actors can take advantage of the reduced power mode to use malware.

 

“When a user shuts down their device through the phone’s menu or power button, they have a reasonable belief that all the processors are shut down, but that’s not the case,” Eugene Kolodenker, a senior staff security intelligence engineer at the cybersecurity firm Lookout, which was not involved in the German study, told Lifewire in an email interview. “Services such as FindMy need to work even when the devices are shut off. This requires a processor to continue running.”

 

 

Zombie iPhones

The German researchers examined the iPhone’s low-power mode (LPM) that powers near-field communication, ultra-wideband, and Bluetooth.

 

“The current LPM implementation on Apple iPhones is opaque and adds new threats,” the researchers wrote in the paper. “Since LPM support is based on the iPhone’s hardware, it cannot be removed with system updates. Thus, it has a long-lasting effect on the overall iOS security model. To the best of our knowledge, we are the first who looked into undocumented LPM features introduced in iOS 15 and uncover various issues.”

Even shutting down your iPhone might not keep it safe from hackers, but experts say most people don’t have much to worry about.

 

Researchers at Germany’s Technical University of Darmstadt have found that iPhones can be vulnerable to security threats even when powered off. Wireless chips, including Bluetooth, run using low power mode when the power is off. Malicious actors can take advantage of the reduced power mode to use malware.

 

“When a user shuts down their device through the phone’s menu or power button, they have a reasonable belief that all the processors are shut down, but that’s not the case,” Eugene Kolodenker, a senior staff security intelligence engineer at the cybersecurity firm Lookout, which was not involved in the German study, told Lifewire in an email interview. “Services such as FindMy need to work even when the devices are shut off. This requires a processor to continue running.”

 

 

Zombie iPhones

The German researchers examined the iPhone’s low-power mode (LPM) that powers near-field communication, ultra-wideband, and Bluetooth.

 

“The current LPM implementation on Apple iPhones is opaque and adds new threats,” the researchers wrote in the paper. “Since LPM support is based on the iPhone’s hardware, it cannot be removed with system updates. Thus, it has a long-lasting effect on the overall iOS security model. To the best of our knowledge, we are the first who looked into undocumented LPM features introduced in iOS 15 and uncover various issues.”

“For those in such situations, we advise seeking help, as disabling the tracking could have bad consequences,” he added. “If you need to not be tracked for a while, leave your phone in a location where it’s reasonable to expect you might spend some time.”

 

Marco Bellin, the CEO of Datacappy, which makes security software, said the only way to truly protect yourself is to use a Faraday cage, which blocks all signals from your phone.

 

“The problem is that most people will never use one,” he added. “They are encumbering because they don’t allow your phone access to communication. There is no phone, text, or social media notification, and most people will forego their safety for convenience. I use one only for travel, but I’ll be using it more often now.”

 

Hits: 3