iPhones can be vulnerable to threats even when they're turned off, researchers at the Technical University of Darmstadt have found. iPhone function FindMy remains active even when the smartphone is switched off and the processor can be addressed. A comment from Lookout.
“Modern mobile devices are extremely complicated and consist of many different computer processors. In general, smartphone users interact the most with the Application Processor (AP) and the Baseband Processor (BP). These processors run most of the operating system and calling functions. However, there are numerous additional processors in the phones, such as B. the Secure Enclave processor and the Bluetooth processor of the iPhone. These processors can be exploited in the same way as the AP and BP.
iPhones turned off - processor remains active
When a user turns off their device through the iPhone's menu or power button, they assume all processors are off, but that's not the case. Services like FindMy need to work even when devices are turned off. This requires a processor that keeps running.
The good thing is that threats targeting active standby processors when a device is powered off are only theoretically possible, at least. Unfortunately, if a standby processor is running malware while the device is powered off, there is not much the user can do without destroying the device. The best option is to change passwords, back up data and perform other cybersecurity tasks on another device. Again, there is no evidence of the existence of this threat in the wild yet and it is purely theoretical.”
More at Lookout.com
About Lookout Lookout co-founders John Hering, Kevin Mahaffey, and James Burgess came together in 2007 with the goal of protecting people from the security and privacy risks posed by an increasingly connected world. Even before smartphones were in everyone's pocket, they realized that mobility would have a profound impact on the way we work and live.