Malware threat to Low-Power Mode (LPM) in Apple iPhones

A group of security researchers from Germany have discovered that the low-power mode feature in Apple iPhones acts as an access point to hackers to induce malware that can emerge as a major cyber threat to the device users.

To those uninitiated about LPM, here’s a gist. Apple iPhone has a feature called low-power mode that keeps some apps running even if the user switches off the mobile. Meaning, some apps run in the background even when the mobile is switched off, like Fine my Device service, payment apps, travel cards, digital car keys and such..

Though LPM is a significant feature to prove handy, it can also be introduced by security risks that might turn fatal at any time.

Security Researchers from the Secure Mobile Networking Lab at TU Darmstadt, Germany found that in some iPhone models Bluetooth, NFC, and Ultra wideband wireless communication systems remain active even when the device is shut down- all because Bluetooth and UWB chips are hard-wired with the Secure Element in the NFC chip that stores a data trove of secrets that are open for access even in Low-power mode.

What if a hacker sends custom commands to firmware introduces malware by modifying the firmware image or achieves code execution over the air?

Researchers believe that the only solution to avoid any crisis in this situation is to add a hardware switch to the device that helps disconnect the battery.

Apple is yet to react to the findings and it might surely have its own solution to counter such situation.


Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display