Researchers have figured how how to intercept and fake an iPhone reboot:
We’ll dissect the iOS system and show how it’s possible to alter a shutdown event, tricking a user that got infected into thinking that the phone has been powered off, but in fact, it’s still running. The “NoReboot” approach simulates a real shutdown. The user cannot feel a difference between a real shutdown and a “fake shutdown.” There is no user-interface or any button feedback until the user turns the phone back “on.”
It’s a complicated hack, but it works.
Uses are obvious:
Historically, when malware infects an iOS device, it can be removed simply by restarting the device, which clears the malware from memory.
However, this technique hooks the shutdown and reboot routines to prevent them from ever happening, allowing malware to achieve persistence as the device is never actually turned off.
I see this as another manifestation of the security problems that stem from all controls becoming software controls. Back when the physical buttons actually did things — like turn the power, the Wi-Fi, or the camera on and off — you could actually know that something was on or off. Now that software controls those functions, you can never be sure.
More Stories
UK police reveal they are running fake DDoS-for-hire sites to collect details on cybercriminals
There's bad news if you're someone who is keen to launch a Distributed Denial-of-Service (DDoS) attack to boot a website...
Microsoft Fixes Security Flaw in Windows Screenshot Tools
Information disclosure vulnerability aCropalypse could enable malicious actors to recover sections of screenshots Read More
Three Variants of IcedID Malware Discovered
The new variants hint that considerable effort is going into the future of IcedID and its codebase Read More
New MacStealer Targets Catalina, Newer MacOS Versions
The malware can extract information from documents, browser cookies and login information Read More
Can zero trust be saved?
Graham Cluley Security News is sponsored this week by the folks at Kolide. Thanks to the great team there for...
Part of Twitter source code leaked on GitHub
Part of Twitter’s source code has been leaked and posted on GitHub by an unknown user. GitHub took down the...