Shocking! Apple iPhone 13, iPhone 12 can be HACKED even when switched off! Know how

    Apple iPhones, even new iPhone 13 and iPhone 12, can be hacked when they are switched off. Know the details of this new study on iPhones' security.
    By HT TECH
    | Updated on May 21 2022, 03:53 PM IST
    Apple's wireless chips are the reason behind the vulnerability of iPhone 13 and iPhone 12 hacking even after its power off.
    Apple's wireless chips are the reason behind the vulnerability of iPhone 13 and iPhone 12 hacking even after its power off. (HT Tech)
    Apple's wireless chips are the reason behind the vulnerability of iPhone 13 and iPhone 12 hacking even after its power off.
    Apple's wireless chips are the reason behind the vulnerability of iPhone 13 and iPhone 12 hacking even after its power off. (HT Tech)

    Apple iPhones have always been about privacy and security. Now, things may have changed. Your iPhone, whether it is iPhone 13, iPhone 12 or any other iPhone model, is at some risk from hacking and malware, a report suggests. This new study revealed a shocking discovery about iPhone security. It says that an iPhone is vulnerable to malware attacks even when you switch it off. Behind this leak in the security of the iPhone are Apple's wireless chips, a team of researchers from the Technical University of Darmstadt in Germany revealed.

    The study mentions, "When an iPhone is turned off, most wireless chips stay on. For instance, upon user-initiated shutdown, the iPhone remains locatable via the Find My network. If the battery runs low, the iPhone shuts down automatically and enters a power reserve mode. Yet, users can still access credit cards, student passes, and other items in their Wallet." Also Read: iPhone 13 user? BEWARE! This cable can steal your money!

    "On recent iPhones, Bluetooth, Near Field Communication (NFC), and Ultra-wideband (UWB) keep running after power off, and all three wireless chips have direct access to the secure element,” the study mentioned in the research paper. Though, these are the useful components for your iPhone as they are what allows you to find lost iPhones or use the Apple's Find My Device feature to detect things like digital car keys and express payment cards even without any power. But the recent study by the Darmstadt researchers shows that this is open to exploitation. Also Read: NEVER make these 5 mistakes with iPhone 13, iPhone 12 and others

    The study says, "We show that it is possible to create malware that runs on iPhone 13 Bluetooth chips, even if the phone is powered off."

    It explained, "iOS 15 introduces two new LPM features: (i) Find My, Apple’s Bluetooth Low Energy (BLE)-based offline finding network, and (ii) Digital Car Key (DCK) 3.0 support, which uses UWB for a secure distance measurement. Thus, also the Bluetooth and the UWB chip are able to operate standalone while iOS is powered off."

    How hackers can take advantage of this iPhone security loophole?

    The new research on iPhone security and privacy explained that the LPM quirk could be exploited by modifying the Bluetooth chip's firmware and loading in malware. As it's hard to detect firmware changes without specific knowledge and equipment, hackers can use this opportunity to secretly monitor an iPhone user. They can even gain access to secure data within the phone.

    Worst part is that this is the part of the iPhone's components, and not the software update which can be easily updated by Apple. That means, this vulnerability will remain in place for a long time! Hence, researchers of the study argue that this needs to be acknowledged and rectified as soon as possible.

    But there's some relief for iPhone users! Accessing these components of the iPhone would require a lot of work and importantly, physical access to the iPhone by hackers. Researchers have shared the findings of the iPhone security study with Apple. Find the report here

    Until Apple responds and takes precautionary measures, the researchers suggest that Apple has a hardware-level battery disconnect option that can allow users to defend themselves against the kind of attacks they've explored.

    Follow HT Tech for the latest tech news and reviews , also keep up with us on Twitter, Facebook, and Instagram. For our latest videos, subscribe to our YouTube channel.

    First Published Date: 21 May, 03:50 PM IST
    NEXT ARTICLE BEGINS
    keep up with tech