Horror iPhone hack spies on you even when the phone is off

Researchers in Germany have invented nasty malware that runs even when your iPhone is turned off.

Created as a proof of concept, the virus exposes an overlooked security issue in Apple’s popular phones.

1

This means that shutting down your device when there are signs of a break-in is not guaranteed to stop the attackers.

Experts from the Technical University of Darmstadt explained how their exploit worked in a paper published last week.

When your iPhone is off, it continues to run its Bluetooth microchip to help you track your device if it’s misplaced.

This feature is possible through Apple’s Find My app and was introduced last year with the launch of iOS 15.

But while the tool might prove useful for the absent-minded, it could leave your beloved phone exposed to hackers.

That’s because malware can run in the background when your device is otherwise idle.

“Since iOS 15, iPhones remain locatable via Bluetooth after being turned off,” researchers explained in a video explaining the exploit.

“Standalone firmware keeps running on the Bluetooth chip while the main processor is powered off.

“Firmware has no protection against modifications. Attackers can run Bluetooth malware even after shutdown.”

The researchers said the malware is theoretical and they have not released any details on how to create it.

If cyber criminals built it themselves, it would allow the attacker to track a phone’s location when the device is powered off.

The research is the first to show the risks posed by microchips running in low-power mode.

“The current LPM implementation on Apple iPhones is opaque and adds new threats,” the researchers write in an article.

“Because LPM support is hardware based on the iPhone, it cannot be removed with system updates.

“So it has a profound impact on the entire iOS security model.

“To the best of our knowledge, we are the first to address undocumented LPM features introduced in iOS 15 and uncovered various issues.”

The results have little real value as an iPhone must be jailbroken in order to be infected with the malware.

Jailbreaking is a process that replaces Apple’s iOS operating system with custom software. It’s banned by Apple.

A paper describing the findings will be presented at the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks.

The conference will take place from May 16th to 19th in San Antonio, Texas.

• Read the latest phone and gadget news
• Stay up to date on Apple stories
• Get the latest on Facebook, WhatsApp and Instagram

We pay for your stories! Do you have a story for The Sun Online Tech & Science Team? Email us at tech@the-sun.co.uk