ALL iPhone users have been warned of a new “final persistence bug” affecting all models – and Apple can’t fix it.
The new threat is called “NoReboot” and was discovered by reputable mobile security experts ZecOps.
ZecOps says NoReboot is especially dangerous because it can prevent iPhones affected by attacks and even temporarily escape their hackers.
It affects every iPhone model and every iOS version.
NoReboot is supposed to fool users into thinking they have turned off or restarted their iPhone.
The bug attacks InCallService, SpringBoard, and backboardd background processes that handle reboots on iPhones, according to a report. Forbes report.
It shows a fake startup or shutdown sequence when the user tries to start either process.
In fact, the iPhone is still on.
This disturbing development is especially dangerous because it is easier for hackers to access iPhones with “intermittent” attacks, but these are dropped when users turn off or restart their phones.
But the damage that hacks can do increases when combined with the NoReboot code because users cannot get rid of the hack themselves.
ZecOps said Apple was unable to prevent an attack because the software itself cannot be patched “because it doesn’t exploit any persistent bugs – just playing tricks with the human mind.”
Researchers at ZecOps believe that the only way it can defend against the attack is if Apple integrates new hardware into its iPhones to tell if the phone is actually on or off.
Even so, this potential new hardware will only come with new models, meaning millions of iPhones will be vulnerable.
ZecOps recommends forcing a reboot if you happen to notice your startup or shutdown sequence is being spoofed, although it’s barely noticeable for most users.
It also recommends installing detection tools and following the usual best practices, such as downloading apps only from trusted sources.
The US newspaper The Sun has reached out to Apple for comment.
https://www.thesun.co.uk/tech/17263532/apple-iphone-warning-noreboot-bug-zecops/ iPhone users have warned about the NoReboot bug that makes the device vulnerable to hackers