TwitterLiker
Researchers have come up with a funny technique that simulates shutting down or restarting the iPhone, preventing malware removal and allowing hackers to secretly spy on cameras and microphones, receiving sensitive data over a connection network.
NoReboot lives up to its name
Historically, when a virus infects an iOS device, it can be removed simply by restarting the device, which clears the malware from memory. However, this technique blocks the system's shutdown and restart routines, allowing malware to persist since the device is never actually powered off. Like this attack, which researchers logically call "NoReboot" ), does not exploit any flaws in iOS and relies on human deception, it cannot be fixed by Apple. To restart the iPhone, you know to press the power button and one of the two volume buttons and hold them down until the restart option slider appears, then wait several seconds for the action to complete. camera is disabled, the screen becomes unresponsive to taps, call and notification sounds are muted, as are vibrations or camera or mic usage indicators. ZecOps security researchers have put developed a trojan-like PoC (proof of concept) that injects specially crafted code into three iOS daemons to simulate a shutdown by disabling all the above flags.
How it works NeReboot
Concretely, the Trojan hijacks the shutdown event by hooking the signal sent to the "SpringBoard" (user interface interaction daemon). Instead of the expected signal, the software will send a code that will force the "SpingBoard" to shut down, rendering the device unresponsive to user input. It's the perfect feint in this case, as devices that enter a shutdown state naturally no longer accept user input. loading which indicates that the shutdown process is in progress. "BackBoardd" is another iOS daemon that logs events of physical button clicks and screen touches with timestamps. Its misuse lets the Trojan know when the user tries to turn on the phone. By monitoring these actions, the user can be tricked into releasing the button sooner than expected, thus avoiding an actual reboot. ZecOps describes the next step of the "NoReboot" attack as follows:
Upon completion, the user is back to a normal UI with all processes and services working as expected, with no indication that they just experienced a simulated reboot.
The video demonstration
Zecops has created a video showing the NoReboot technique in action, illustrating how it can easily fool someone into thinking their device has been turned off. So be careful with your iPhone, even under iOS 15!