What researchers discovered about iPhones in low-power mode
When an iPhone dies, it still works a little. Researchers think this feature could be exploited.
The latest iPhones don’t fully power off when you turn them off or they run out of battery. A few key components go into a special low-power mode so that you can still use features like Find My, pay for things with your credit card, start your car, or open your house door—at least for a little while. A team of researchers from the Technical University of Darmstadt in Germany, however, have published a paper disclosing a new—for now, theoretical—way that this could allow iPhones to be hacked.
It’s worth noting that iPhones technically have two low-power modes. There’s the hardware one in question now, and the iOS software low-power mode which optionally kicks in when your battery life drops below 20 percent to keep your phone running for a little longer.
Since iOS 15, the iPhone XR, XS, 11, 12, 13, and most recent SE models have supported this special hardware low-power mode. It only works with the Near-Field Communication (NFC), ultra wideband, and Bluetooth chips, which is why it only supports such a limited set of features. It’s basically designed so that if you rely on your iPhone as your wallet, student ID, car keys, hotel key, or the like, you won’t be stuck if you run out of juice. (Find My also stays on for a couple of hours in case you lose it.)
What the research team in Germany have discovered is that the Bluetooth chip inside iPhones doesn’t digitally sign (which ensures it’s from a legitimate source) or even encrypt the firmware it runs. This means that if a bad actor was able to install malicious code on your iPhone, they could use the Bluetooth chip to track your phone’s location or even run new features when it was powered down.
Like the Spectre vulnerability discovered a few years ago, this is a hardware issue so can’t easily be fixed with a software update or patch. It will affect current iPhones indefinitely and, until Apple changes how the low-power mode is implemented in new iPhones, it will also likely affect future models. According to Ars Technica, Apple researchers reviewed the paper before it was published but declined to provide feedback. Apple also didn’t respond to Ars Technica’s request for comment.
[Related: You need to protect yourself from zero-click attacks]
With all that said, this isn’t cause for panic. This kind of exploit is mostly used by state actors targeting specific people and institutions. For now, it appears that the hackers would have to have physical access to the iPhone and jailbreak it in order to install malicious firmware on any of the chips that still run in low-power mode. Only then could they do things like track the phone when it’s powered off or simply disable Find My so they could keep your phone. The big concern is that, going forward, a private or state intelligence agency (which are already able to remotely compromise some iPhones) would find a way to also install compromised firmware remotely, unlocking a whole new range of potential exploits.
The rest of us are far more likely to get caught out by distressingly simple phishing scams. Fake texts, fake emails, fake websites, and even fake QR codes that purport to be from your bank, cellphone provider, or other trusted company are easy to fall for. These scam messages trick you into entering your login details, credit card information, or even information like your social security number. They cost victims billions each year.
While it’s possible to take steps to protect yourself from phishing scams, it’s almost impossible to be 100 percent safe. I’ve been writing about scams and cybersecurity for almost a decade, and just last week I fell for a phishing SMS and had to replace my credit card.
Stories like this are going to keep making news, mostly because every new set of new features opens up new options for hackers. As John Loucaides, senior vice president of strategy at firmware security firm Eclypsium, tells Ars Technica, “This is typical for every device. Manufacturers are adding features all the time and with every new feature comes a new attack surface.”
Features like this special low-power mode are, on balance, great for users. But they will always come with potential downsides.