It is called “NoReboot” and was discovered by (highly respected) mobile security specialists ZecOps. The company describes it as “the ultimate persistence bug” because it can stop iPhones affected by even temporary attacks from escaping their hacker. Moreover, it affects every iPhone model and every version of iOS and Apple cannot fix it.
The concept behind NoReboot is simple, but this is also what makes it so dangerous: it tricks users into thinking they have switched off or restarted their iPhones. It works by hijacking the InCallService, SpringBoard and backboardd background processes which handle the reboot process on iPhones and shows them a fake shutdown or startup sequence instead when users try to initiate either process. In reality, the iPhone remains on at all times.
Why is this dangerous? Because it is easier for hackers to access iPhones with ‘non-persistent’ attacks but — as the name implies — these are removed when a user shuts down or restarts their phone. But the damage these hacks can now do supersizes when combined with NoReboot code because the user cannot (by design or by accident) rid themselves of the hack. ZecOps illustrates this in the video below.
The Unfixable iPhone Hack
But by far the scariest aspect to NoReboot is Apple cannot stop it. ZecOps explains that the software itself cannot be patched “because it’s not exploiting any persistence bugs at all — only playing tricks with the human mind.”
In fact, the only way the researcher believes it could be countered is if Apple built new hardware into iPhones to indicate whether the display was truly on or off so users could tell whether the startup and shutdown process they see are real (tech savvy users may spot differences but most users would not). This hardware could only come on…