Researchers invent iPhone malware that works even when your phone is turned off

What would you do if you discovered malware on your iPhone?

Your first instinct might be to turn off the damn thing to stop malicious snooping. Unfortunately, even that may not be enough.

A new type of malware invented by researchers at the Technical University of Darmstadt could work even when your phone is turned off. And no, I’m not talking about a Fake NSA style shutdown screen.

“Nonsense!” you call. How can malware run without electricity? The simple answer is that devices are rarely completely “off” these days.

The research is summarized in the 1-minute video below:

The exploit uses the iPhone’s Low Power mode, which has been compatible with every iPhone since 2018, starting with the iPhone Xr and Xs. In this mode, the NFC, Ultra-Wideband, and Bluetooth chips can drink a bit of power when the rest of the phone is turned off.

Since iOS 15, these chips can be used indefinitely, allowing your phone to be located via Find My and features such as Express Cards and car key to remain operational.

That’s obviously very useful if you ever lose your phone, but it opens up the potential for a new kind of malware that can run until your battery is absolutely, 100% dead.

The Bluetooth chip has its own firmware that can run separately from the main processor. This firmware is at the heart of the research; according to the researchers, it is completely unsigned, has “no protection against modification” and “attackers can run Bluetooth malware even after shutdown.”

The Bluetooth and UWB chips are wired to the Secure Element in Apple’s NFC chip, which stores information for Apple Pay, car keys and Express Cards. That essentially means that the information stored in the Secure Element can be made accessible by attacking the Bluetooth chip’s firmware.

Worse, “since LPM support is implemented in hardware, it cannot be removed” by system updates. And firmware-level exploits that use power-saving modes can be extremely difficult to detect; malware can sometimes be identified simply because it causes more battery drain.

Before trading your iPhones for a flip phone, it’s worth noting that the exploit described in the paper requires a jailbroken iPhone, greatly reducing the chances of regular users being affected by this exploit. . The researchers also shared their findings with Apple, which will likely try to address these concerns in future devices.

Still, it goes to show that with every nifty new feature, there’s a new opportunity for bad guys to take advantage. It’s not inconceivable that hackers will find ways to jailbreak iPhones remotely, as happened with Pegasus. For every exploit that is made public early, there are others that we don’t find out until it’s too late.

The researchers acknowledge that LPM applications are intended to increase security and safety for most users, but say, “Apple should add a hardware switch to disconnect the battery. Such a change” would improve the situation for users who sensitive to privacy and surveillance targets such as journalists.”

Through Ars Technica

Shreya Christina
Shreya has been with for 3 years, writing copy for client websites, blog posts, EDMs and other mediums to engage readers and encourage action. By collaborating with clients, our SEO manager and the wider team, Shreya seeks to understand an audience before creating memorable, persuasive copy.

More from author


Please enter your comment!
Please enter your name here

Related posts


Latest posts

The Nostalgia Factor: Why Retro Gaming Continues to Thrive

In the fast-paced world of modern video games with their stunning graphics, lifelike simulations, and complex narratives, there's a distinct charm in returning to...

The Rise of Cross-Platform App Development in Australia

In the ever-evolving landscape of app development, the need for efficiency, cost-effectiveness, and wider reach has given rise to a significant trend: cross-platform app...

Embracing Efficiency and Nature: Why Outdoor Pods Trump Typical Cubicles

In the ever-evolving world of work, the concept of the traditional office is undergoing a profound transformation. The limitations of the conventional cubic office...

Want to stay up to date with the latest news?

We would love to hear from you! Please fill in your details and we will stay in touch. It's that simple!