This iOS malware fakes an iPhone shutdown to avoid death

This iOS malware fakes an iPhone shutdown to avert death

(Image credit: Future)

Cybersecurity researchers from ZecOps have demonstrated a new Trojan for iOS devices, including iPhones, that avoids being terminated by faking a shutdown.

Usually, an iOS malware can be eliminated past rebooting a device, equally that clears it from memory. However, a malware strain could potentially play tricks the victim into thinking the device was close downward when, in fact, it wasn't, that manner remaining operational.

The proof of concept malware, named "NoReboot", follows a couple of steps. Get-go, the reboot trigger: iOS users need to concord the power push button and either book push button, until the slider with the reboot pick appears. Then, they need to interact with the slider to initiate the shutdown.

Physical detection impossible

This is the start process that is hijacked. Instead of actually triggering the shutdown, the malware will send a specially crafted lawmaking, making the device not-responsive to user input. Then, it will trigger the shutdown process indicator (the spinning wheel), and start monitoring for physical push button clicks and screen touches.

That style, the malware volition know when the victim tries to "plow on" the device, and foreclose them from pressing the ability push button for too long and actually triggering a hard reset.

"This will exit all processes and restart the system without touching the kernel. The kernel remains patched. Hence malicious lawmaking won't have any trouble continuing to run after this kind of reboot. The user volition see the Apple Logo effect upon restarting," the researchers explained.

Every bit a effect, it is impossible for users to physically detect if the device had been turned off, or not. Describing it as a flim-flam, and not actual malware that exploits flaws, BleepingComputer believes Apple will non carp patching it up.

It remains unclear how the Trojan handles other potential ruby-red flags, such every bit the SIM PIN prompt afterwards every restart, or what happens if the user decides to close the device down by going to Settings>General>Shut Downwardly.