Your snoozing iOS 15 iPhone may actually be sleeping with one antenna open

2022-05-19 06:02

While pretty much no one is going to utilize the study's findings to attack Apple users in any meaningful way, and only the most high-profile targets may find themselves troubled by all this, it at least provides some insight into what exactly your iOS handheld is up to when it's seemingly off or asleep.

According to the research, an Apple iPhone that goes asleep into low-power mode or is turned off isn't necessarily protected against surveillance.

Under iOS 15, some chips inside an iPhone in either of those two power states remain active so that the owner can always wirelessly locate their lost cellphones via the Find My iPhone functionality, open their nearby locked cars, or make payments.

There is firmware in the device that runs when the phone is in low-power mode to handle this wireless functionality; it is this firmware, tied to a Bluetooth controller chip, that can be altered to contain malware that essentially runs all the time, whether the iPhone is awake or asleep or off, presumably until the battery is completely dead. This malware could be designed to track and report the user's movements, snoop on them, and so on.

The biggest one is that in order to infect the LPM firmware, so that malicious code can continue running even when the phone is seemingly asleep or off, the device needs to be completely compromised.

"We typically see a significant percentage of end-users connecting through an iOS device. If you think about the 300 million users just within the Fortune 2000 accounts alone, with 2.5 end user devices per user, that number can be huge."

News URL

https://go.theregister.com/feed/www.theregister.com/2022/05/19/apple-iphone-malware/

#IOS #iphone