Cyber security company ZecOps has detected an unrecoverable iPhone vulnerability by developing software called NoReboot, which allows users to steal personal data.
This software simulates a shutdown or restart scene where physical feedback such as incoming calls and message announcements, 3D touch, vibration, screen, camera indicator do not work. At the same time, the screen displays the classic animation that turns the device on / off to mislead the user.
In the event of a “false shutdown”, attackers can remotely access the iPhone’s microphone and camera and do whatever they want without informing the user about it.
Normally restarting the iPhone may stop running malicious software, but NoReboot technology allows you to control the smartphone immediately after restarting, so the process is useless in this case.
NoReboot works by injecting malicious code into three background processes: InCallService, SpringBoard and backboardd, which are responsible for the iPhone restart process.
According to ZecOps, the software bug fixes this issue, and it works on all iPhones on any version of iOS.