19.11.2024
iOS

iPhone found a vulnerability that allows you to simulate a reboot and spy on users

You think that the smartphone went into reboot, and at that time it can shoot video and download data.

An iPhone has been found to have a vulnerability that allows it to simulate a reboot and spy on users

Cybersecurity experts at ZecOps have developed a technology that simulates shutting down an iPhone to steal data. She received the name NoReboot. Its code remains on the device even after an iOS reboot, although it was previously believed that the OS was protected from this.

With NoReboot, attackers can theoretically spy on iPhone owners through a camera and microphone without revealing themselves in any way. The system injects malicious code into three background processes: InCallService, SpringBoard, and backboardd. They are responsible for the process of rebooting Apple smartphones.

The use of NoReboot was shown in the video:

According to the researchers, when a hacker intercepts the reboot process, the user will think that the device is turning off. But in fact, the iPhone will remain active and connected to the Internet. Also, NoReboot can imitate the boot process so that the owner of the gadget does not suspect anything.

There is no patch that would help solve the problem with NoReboot – formally, the technology does not exploit errors in the iOS code. To avoid becoming a victim of such attacks, you should install applications only from official stores, do not follow dubious links, and follow other digital security rules.