Flipper Zero can still crash iPhones running the latest iOS 17

In September, 9to5Mac reported that Flipper Zero, a popular and cheap hacking tool, was being used to wreak havoc on nearby iPhones and iPads, spamming them with fake Bluetooth pop-ups until they eventually malfunctioned.

Despite several iOS 17 updates since then, including the release of the new iOS 17.2 beta last week, Apple has yet to implement safeguards against the attack. So, what gives?

Flipper Zero attack using iPhone Bluetooth exploit

You’ll find that the Flipper Zero can be a pretty harmless device. It is sold as a portable multitool for penetration testers and hobbyists that can be programmed to control multiple radio protocols.

However, since the firmware is open source, it can be modified with new software that turns it into a low-orbit ion cannon for bad actors to direct at unsuspecting victims.

First pointed out by security researcher Techryptic, Ph.D., when additional software is loaded onto the Flipper Zero, it can perform denial of service (DoS) attacks, spamming iPhones and iPads with a massive number of Bluetooth connection notifications that cause the devices to freeze for minutes and then reboot.

The attack uses a vulnerability in the Bluetooth Low Energy (BLE) pairing sequence. Apple uses many BLE technologies in its ecosystem, including AirDrop, HandOff, iBeacon, HomeKit, and plenty involving the Apple Watch.

A notable feature of BLE is its ability to send advertising packets, or ADV packets, which let iPhones and iPads identify nearby devices. Thanks to these packets, activities such as pairing new AirPods are done through an animated pop-up window in the lower half of the device.

Unfortunately, these ADV packets can be spoofed, and that’s what hackers take advantage of… with the help of Flipper Zero.
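For defenders who can capture BLE scan data, the sketch below flags bursts of pop-up-triggering Apple advertisements coming from many distinct source addresses in a short window. It is an added example, not code from the article or from Apple; the Continuity type values 0x07 and 0x0F are an assumption taken from public reverse-engineering, and the thresholds, addresses and payloads are constructed for illustration.

```python
from collections import defaultdict

APPLE_COMPANY_ID = 0x004C   # Bluetooth SIG company identifier assigned to Apple
POPUP_TYPES = {0x07, 0x0F}  # assumption: Continuity types that trigger pairing/action pop-ups

def parse_ad(payload: bytes):
    """Yield (ad_type, data) for each length-type-value AD structure."""
    i = 0
    while i < len(payload):
        length = payload[i]
        if length == 0 or i + 1 + length > len(payload):
            return  # padding or truncated structure: stop parsing safely
        yield payload[i + 1], payload[i + 2 : i + 1 + length]
        i += 1 + length

def is_popup_adv(payload: bytes) -> bool:
    """True if the payload carries Apple manufacturer data of a pop-up type."""
    for ad_type, data in parse_ad(payload):
        if ad_type == 0xFF and len(data) >= 3:  # 0xFF = manufacturer-specific data
            company = int.from_bytes(data[:2], "little")
            if company == APPLE_COMPANY_ID and data[2] in POPUP_TYPES:
                return True
    return False

def flood_windows(records, window_s=10, max_sources=5):
    """records: iterable of (timestamp_s, source_addr, payload_hex).
    Returns {window_start: distinct_sources} for windows over the threshold."""
    sources = defaultdict(set)
    for ts, addr, hex_payload in records:
        if is_popup_adv(bytes.fromhex(hex_payload)):
            sources[int(ts // window_s) * window_s].add(addr)
    return {w: len(s) for w, s in sorted(sources.items()) if len(s) > max_sources}

def _adv(cont_type: int) -> str:
    # Constructed payload: flags AD + Apple manufacturer AD with a zeroed body.
    return "020106" + "07ff4c00" + f"{cont_type:02x}" + "020000"

# Constructed scan log: eight sources in one window, then ordinary traffic.
SAMPLE = [(0.5 + i, f"5a:00:00:00:00:{i:02x}", _adv(0x07)) for i in range(8)]
SAMPLE += [(21.0, "6b:00:00:00:00:01", _adv(0x07)),   # single, plausible pairing
           (22.0, "6b:00:00:00:00:02", _adv(0x10))]   # other Apple type, ignored

if __name__ == "__main__":
    print(flood_windows(SAMPLE))
```

A single pairing advertisement, such as one AirPods case being opened, stays under the threshold; only the burst of distinct sources is reported.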

Protection against Flipper Zero attack

The Flipper Zero has a good Bluetooth radio range of about 50 meters (~164 feet), which means that to carry out DoS attacks, hackers would need to be close, yet could stay far enough away to wreak havoc at cafes and sporting events without being detected.

What’s worrying about this attack is that there’s no realistic way to protect devices yet.

The only thing users can do is disable Bluetooth in settings (Airplane mode will not work). I would not consider this a solution in any way. Obviously, this will limit functionality, and Apple will simply re-enable it every time you update to the latest version of iOS.

What is Apple doing?

For a company with one of the best security track records, Apple has yet to acknowledge the existence of the BLE vulnerability being exploited. The reason may be technical, but many believe that Apple is not taking this vulnerability seriously because it does not yet pose a significant enough threat to users and/or user privacy.

Let us know what you think in the comments below.

Follow Arin: Twitter (X), LinkedIn
