Apple iPhone Reboot Malware Enables Fake Shutdown To Spy On Users

Not even an iPhone is safe from malware trying to get into your phone and do damage. Security researchers over at ZecOps have fashioned a technique that fakes a shutdown on an iPhone, naming it “NoReboot.” This method prevents reboots on iPhone and grants remote attackers to manipulate your device while being completely undetected.

For the most part, rebooting wipes out any malicious code on Apple‘s iPhone; however, not in this case. Researchers at ZecOps have allowed “NoReboot” to run in the background, granting the attacker complete control over the user’s iPhone.

How does NoReboot work?

While taking a closer look at the working of the NoReboot technique inside an iPhone, the security researchers displayed the working through a video demonstration. In addition, ZecOps researchers have dubbed the process to be the “ultimate persistence bug,” and boy does it stand up to the name.

NoReboot technique works by injecting the iPhone with malicious code in three background processes responsible for the reboot process on the device. Process – InCallService, SpringBoard, and backboard. Furthermore, the technique works by ‘simulating a real iPhone reboot.’ Which further tricks users into believing that the device is shut down. If the device is still running, with the ultimate persistence bug in the background.

NoReboot grants the attacker access to the camera and microphone, silently spying on the unsuspecting iPhone user. Upon successfully seizing control of the device, the attacker could potentially manipulate the device into doing all sorts of things.

What’s baffling is that the ‘fake reboot’ process on the iPhone can fool users into believing their device is turned off. While in reality, the phone is awake and connected to the internet. Shockingly, iPhone’s camera indicator was not triggered when the iPhone was compromised.

The worst part is there’s no patch for the NoReboot technique in iPhone; since it doesn’t exploit any bugs on the system and is not malware. Researchers at ZecOps said Apple would need to build an indicator on a hardware level to detect and show the phone’s on and off status.

So how does one make sure they’re safe from NoReboot? For now, iPhone users can make sure to download secured apps only via the App Store. Also, there are tools by ZecOps to check if your phone has NoReboot or any malware in it.