iOS malware can fake iPhone shut downs to snoop on camera, microphone


Level 83
Thread author
Top poster
Content Creator
Malware Hunter
Aug 17, 2014
Researchers have developed a new technique that fakes a shutdown or reboot of iPhones, preventing malware from being removed and allowing hackers to secretly snoop on microphones and receive sensitive data via a live network connection.
Historically, when malware infects an iOS device, it can be removed simply by restarting the device, which clears the malware from memory.
However, this technique hooks the shutdown and reboot routines to prevent them from ever happening, allowing malware to achieve persistence as the device is never actually turned off.
Because this attack, which the researchers call "NoReboot" does not exploit any flaws on the iOS and instead relies on human-level deception, it cannot be patched by Apple.
Security researchers from ZecOps has created a video showing the NoReboot technique in action, illustrating how it can easily trick anyone into thinking their device has been turned off.

Last edited: