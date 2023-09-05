In a recent demonstration by a security researcher known as Anthony, it was revealed that hackers can use a hacking tool called Flipper Zero to spam iPhones with annoying pop-ups. This attack essentially creates a denial-of-service situation, rendering the iPhone nearly unusable. Anthony referred to the attack as a “Bluetooth advertising assault.”

The Flipper Zero is a small device that can be programmed to perform wireless attacks on various devices within its range. In addition to iPhones, it can target car keyfobs, contactless cards, RFID cards, and more. By tweaking the firmware of the Flipper Zero, Anthony was able to broadcast Bluetooth Advertisements, which are signals used by devices to announce their presence and capabilities.

To reproduce the attack, TechCrunch compiled the proof-of-concept code provided by Anthony and loaded it into a Flipper Zero device. Simply turning on Bluetooth from the Flipper Zero caused the nearby iPhones to receive the pop-up signals. The researchers successfully imitated an AirTag and transferred a phone number using the manipulated code.

It is important to note that the Bluetooth range for the attack was limited to close proximity, such as tapping the iPhone with the Flipper Zero. However, Anthony mentioned that he has devised a technique that can work over “thousands of feet” using an “amplified board.” He has chosen not to release the details of this technique due to concerns about potential abuse.

Security researchers have been focusing on highlighting the vulnerabilities of Bluetooth in recent times. During the Def Con hacking conference in August, a researcher scared and confused attendees by making alerts pop up on their iPhones using a Raspberry Pi Zero 2 W and other components.

To mitigate these attacks, Anthony suggested that Apple should ensure that Bluetooth devices connecting to an iPhone are legitimate and valid. Additionally, Apple could reduce the distance at which iDevices can connect to other devices using Bluetooth.

It is essential for users to be cautious when connecting their devices to Bluetooth devices and to ensure that they are aware of the potential risks associated with such connections.

No response has been received from Apple regarding this issue at the time of writing.

Source: TechCrunch