CATEGORIES
home News

Unpatchable NoReboot Attack Tricks iPhone Users By Faking A Shutdown To Spy On Them

by Jeff ButtsThursday, January 06, 2022, 02:06 PM EDT
Shutting down your iPhone may not do what you think if your decice is host to this malware.

In another example of social engineering’, an unpatchable bug has been discovered in iOS. This ultimate persistence bug makes you think your iPhone has been shut down when it hasn’t. Once in effect, it’s a trivial matter for nefarious individuals to activate your iPhone’s camera and microphone to spy on you.

The bug, dubbed “NoReboot,” hijacks a shutdown signal and then makes it seem like your iPhone has powered off. Because of how it works, the user can’t tell the difference between a real shutdown and a fake one.

Security researchers at ZecOps have been studying this problem, and point out how you typically know your iPhone is powered on.

  • Incoming calls and notifications make noises.
  • You feel touch feedback when you tap the screen.
  • In silent mode, your notifications and phone calls trigger your iPhone to vibrate.
  • The screen illuminates and shows your apps or Control Center.
  • The camera indicator, or one of several other indicators, appear on the screen.

NoReboot is able to disable every single one of these indicators, all while keeping your iPhone powered on. Your display doesn’t show anything, even when you tap it. All of your notification sounds and vibrations are disabled, and the indicators don’t appear at all. The video below demonstrates what could happen.

This all starts by someone injecting code like the Objective-C method [FBSSystemService shutdownWithOptions] into iOS. That done, attackers can completely hijack and halt the shutdown process, while making it appear the device has been powered off.

In a similar fashion, a hacker can make it appear the iOS device is booting back up when the side button is pressed. The system boot animation appears, and the phone “boots” to the Lock Screen as if it had been powered off.

In between the fake shutdown and fake startup, malware is free to do whatever the attackers want, as if the actual device owner was doing it. Spying via the camera and microphone are just the beginning.

Since NoReboot isn’t exploiting any kind of persistence bugs, there’s no way to patch iOS to prevent this. It’s simply tricking you into thinking your iPhone has shut down. It’ll definitely be interesting to see how Apple fixes this gaping hole in iPhone security.

Tags:  iPhone, security, Privacy, Hackers, ios
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment