Lord777
Professional
- Messages
- 2,577
- Reaction score
- 1,563
- Points
- 113
How can a handheld device permanently disable your iPhone?
In early October, an incident occurred that raised questions about the safety of using modern gadgets in public places. Security researcher Jeroen van der Ham was the victim of an attack on his iPhone while traveling on a train in the Netherlands. His smartphone started receiving a stream of pop - up notifications about Bluetooth connectivity, which made the device virtually unusable and led to a reboot. The situation was repeated during the second trip, when the same notifications were received not only by the researcher, but also by other passengers.
Van der Ham attributed the failures to the presence of a certain passenger in the car – he was working on his MacBook, to which an iPhone was connected via USB. The man continued his work, not paying attention to how the devices of the passengers around him were being rebooted. As a result, the researcher came to the conclusion that this particular passenger is the source of problems.
After conducting research, van der Ham found out that the cause of the attacks is the Flipper Zero device, which can interact with various types of wireless communication, including RFID, NFC, Bluetooth, Wi-Fi and standard radio.
Van der Ham recreated the attack in a controlled environment, which worked just as it did during his train ride. Van der Ham flashed his device with a special Flipper Xtreme firmware, which he purchased from the Discord channel dedicated to Flipper Zero. The firmware allows you to send a constant stream of Bluetooth Low Energy (BLE) packets to devices under the guise of various devices that want to connect via Bluetooth, which caused the iPhone to crash.
Simulating connection requests under the guise of different devices
It is noteworthy that the attack did not cause crashes on iPhones running on iOS before version 17.0. Apple representatives did not respond to requests for plans to release updates to prevent such attacks.
Currently, to prevent this type of attack on iOS, users can disable Bluetooth in the settings, but this may be difficult or even impossible during an attack. Similar DoS attacks can also be carried out against Android and Windows-based devices using the Flipper Xtreme firmware.
In early October, an incident occurred that raised questions about the safety of using modern gadgets in public places. Security researcher Jeroen van der Ham was the victim of an attack on his iPhone while traveling on a train in the Netherlands. His smartphone started receiving a stream of pop - up notifications about Bluetooth connectivity, which made the device virtually unusable and led to a reboot. The situation was repeated during the second trip, when the same notifications were received not only by the researcher, but also by other passengers.
Van der Ham attributed the failures to the presence of a certain passenger in the car – he was working on his MacBook, to which an iPhone was connected via USB. The man continued his work, not paying attention to how the devices of the passengers around him were being rebooted. As a result, the researcher came to the conclusion that this particular passenger is the source of problems.
After conducting research, van der Ham found out that the cause of the attacks is the Flipper Zero device, which can interact with various types of wireless communication, including RFID, NFC, Bluetooth, Wi-Fi and standard radio.
Van der Ham recreated the attack in a controlled environment, which worked just as it did during his train ride. Van der Ham flashed his device with a special Flipper Xtreme firmware, which he purchased from the Discord channel dedicated to Flipper Zero. The firmware allows you to send a constant stream of Bluetooth Low Energy (BLE) packets to devices under the guise of various devices that want to connect via Bluetooth, which caused the iPhone to crash.
Simulating connection requests under the guise of different devices
It is noteworthy that the attack did not cause crashes on iPhones running on iOS before version 17.0. Apple representatives did not respond to requests for plans to release updates to prevent such attacks.
Currently, to prevent this type of attack on iOS, users can disable Bluetooth in the settings, but this may be difficult or even impossible during an attack. Similar DoS attacks can also be carried out against Android and Windows-based devices using the Flipper Xtreme firmware.
