Home » Technology » Researchers have designed malware that works even when the smartphone is turned off

Researchers have designed malware that works even when the smartphone is turned off


You would think that once your iPhone is turned off, it is safe from malware. A team of researchers just proved otherwise by exploiting the vulnerabilities of Lower Power Mode, the actual state the iPhone is in when it’s supposed to be off, to infect it with malware.

You probably know this, but an iPhone is never really finished – that also applies to Android smartphones. When you turn off an iPhone, it essentially goes into “Low Power Mode” (LPM), a state that allows it to continue to perform functions such as Locate or Contactless Payment. In fact, it is not impossible for malware to infect the phone in this situation.

A team of researchers has shown this in a recent study. It’s not uncommon for cybersecurity experts to find new ways to install malware on our phones, obviously for preventative purposes. At the beginning of this year, a team of researchers succeeded in making malware perfectly undetectable on Apple devices. Today, therefore, it seems that the low activity of the chip in LPM is enough to infect the iPhone.

It is possible to install malware on a disabled iPhone

To make this possible, researchers have discovered that the Bluetooth chip, which is essential for Find My to work, does not allow iOS data to be encrypted. Therefore, this vulnerability could be used to infect the device with malware that can perform various actions even when the device is turned off. It is also possible to go through an over-the-air update to install it.

“The current implementation of LPM on Apple iPhones is opaque and adds new threats,” the researchers write. “Because LPM support is based on iPhone hardware, it cannot be removed with system updates. So it has a lasting effect on the overall security model of iOS. In addition, the ability to run on a disabled iPhone makes the malware even more difficult to detect.

Nevertheless, it should be noted that this discovery has very few real implications in our daily lives. It is already relatively difficult to infect an iPhone with malware, the latter must be jailbroken first. But this capability still poses risks, especially in scenarios similar to those of Pegasus, the malware that has infected the iPhones of several European leaders.