Shocking! Apple iPhone 13, iPhone 12 can be HACKED even when switched off! Know how – HT Tech

Copyright © HT Media Limited
All rights reserved.
Apple iPhones have always been about privacy and security. Now, things may have changed. Your iPhone, whether it is iPhone 13, iPhone 12 or any other iPhone model, is at some risk from hacking and malware, a report suggests. This new study revealed a shocking discovery about iPhone security. It says that an iPhone is vulnerable to malware attacks even when you switch it off. Behind this leak in the security of the iPhone are Apple’s wireless chips, a team of researchers from the Technical University of Darmstadt in Germany revealed.
The study mentions, “When an iPhone is turned off, most wireless chips stay on. For instance, upon user-initiated shutdown, the iPhone remains locatable via the Find My network. If the battery runs low, the iPhone shuts down automatically and enters a power reserve mode. Yet, users can still access credit cards, student passes, and other items in their Wallet.” Also Read: iPhone 13 user? BEWARE! This cable can steal your money!
“On recent iPhones, Bluetooth, Near Field Communication (NFC), and Ultra-wideband (UWB) keep running after power off, and all three wireless chips have direct access to the secure element,” the study mentioned in the research paper. Though, these are the useful components for your iPhone as they are what allows you to find lost iPhones or use the Apple’s Find My Device feature to detect things like digital car keys and express payment cards even without any power. But the recent study by the Darmstadt researchers shows that this is open to exploitation. Also Read: NEVER make these 5 mistakes with iPhone 13, iPhone 12 and others
The study says, “We show that it is possible to create malware that runs on iPhone 13 Bluetooth chips, even if the phone is powered off.”
It explained, “iOS 15 introduces two new LPM features: (i) Find My, Apple’s Bluetooth Low Energy (BLE)-based offline finding network, and (ii) Digital Car Key (DCK) 3.0 support, which uses UWB for a secure distance measurement. Thus, also the Bluetooth and the UWB chip are able to operate standalone while iOS is powered off.”
The new research on iPhone security and privacy explained that the LPM quirk could be exploited by modifying the Bluetooth chip’s firmware and loading in malware. As it’s hard to detect firmware changes without specific knowledge and equipment, hackers can use this opportunity to secretly monitor an iPhone user. They can even gain access to secure data within the phone.
Worst part is that this is the part of the iPhone’s components, and not the software update which can be easily updated by Apple. That means, this vulnerability will remain in place for a long time! Hence, researchers of the study argue that this needs to be acknowledged and rectified as soon as possible.
But there’s some relief for iPhone users! Accessing these components of the iPhone would require a lot of work and importantly, physical access to the iPhone by hackers. Researchers have shared the findings of the iPhone security study with Apple. Find the report here
Until Apple responds and takes precautionary measures, the researchers suggest that Apple has a hardware-level battery disconnect option that can allow users to defend themselves against the kind of attacks they’ve explored.
Follow HT Tech for the latest tech news and reviews , also keep up with us on Twitter, Facebook, and Instagram. For our latest videos, subscribe to our YouTube channel.
71653127704404

source

Share:

More Posts

Market Research

Pulse Surveys

Turn feedback into action

Our survey platform makes it easy to measure and understand feedback so you can drive growth and innovation

Pulse Handshak

Pulse Handshak

Collaborative online survey tool for the market research industry. Remote assisted surveying just like face-to-face interviews. Here interviewers can talk to the respondent over the web-console without the need for any other communication channel and share the same Q're with responses and click actions.

Pulse FE

Pulse FE

Pulse Field Expert or Pulse FE is the main platform for both offline and online survey at softofficepro.com. It is robust and used by hundreds of clients over tens of years with millions of responses. Do it once Q're and deploy on both offline devices (android) and online forms makes it a great cost effective platform for any kind of responses

Pulse Ultimate

Pulse Ultimate

Pulse Ultimate is targeted for tracking studies and retail audits. An offline survey system offering extreme field control including processes like data quality check, back-check, rework, comparison with previous wave data etc. helps to get the best results on a day-to-day basis

Pulse LS

Pulse LS

Use a managed Limesurvey and our expertise for creating complex forms and token based user management. Use optional mailing system to send survey invitation to each participant and track progress of the response status. Industry standard SPSS / R output supported