Security News > 2022 > January > iOS malware can fake iPhone shut downs to snoop on camera, microphone
Historically, when malware infects an iOS device, it can be removed simply by restarting the device, which clears the malware from memory.
When an iPhone is shut off, its screen naturally goes dark, the camera is turned off, 3D touch feedback does not respond to long presses, sounds from calls and notifications are muted, and all vibrations are absent.
Security researchers from ZecOps have developed a trojan PoC tool that can inject specially crafted code onto three iOS daemons to fake a shut down by disabling all the above indicators.
Apple introduced a new feature in iOS 15, making it possible for users to locate their iPhones through 'Find My' even if they are powered off.
The "NoReboot" technique makes it impossible to physically detect if an iPhone is off or not as to all outward appearances your device appears to be shut down.
Malware developers and hackers can now gain persistence on iOS devices with this technique, where the usual recommendation of restarting an iPhone to clear infections no longer works.