Flipper Zero can be used to crash iPhones running iOS 17, but there’s a way to foil the attack

Flipper Zero can carry out a denial of service attach on iPhones running the latest iOS 17

Adrian Kingsley-Hughes/ZDNET

The Flipper Zero can do a lot, but I wasn’t expecting it to be able to be able to lock up an iPhone using nothing more than Bluetooth.

But it turns out it can do just that.

Also: Flipper Zero just went even more retro with this cool limited-edition version

Now, you can’t do this with a stock Flipper Zero. If you want to test this out, you’ll need to have a Flipper Zero and then load an early developer build of Xtreme third-party firmware onto it.

From there it’s a matter of firing up an app called Apple BLE Spam and choosing an attack called Lockup Crash.

And it does exactly what it says in the name – it’ll lock up and crash the iPhone.

Basically, it performs a denial of service (DoS) attack on iPhones.

ZDNET has tested this and can confirm that it can lock up an iPhone running the latest iOS 17.0.3. The issue does not appear to affect iPhones running iOS 16.

Also: If you like your Flipper Zero, then you’ll love this

But the Apple BLE Spam app can do more. It can also initiate an array of pairing attacks that are more spammy than causing crashes, but are still annoying to the iPhone user, and at this point it’s unclear if they could be crafted into a different attack.

Using Apple BLE Spam to spam an iPhone with popups

Using Apple BLE Spam to spam an iPhone with popups

Adrian Kingsley-Hughes/ZDNET

Also: 7 cool and useful things to do with your Flipper Zero

You’re probably wondering how best to protect yourself. I can only find one way — turn off Bluetooth, either by going into Control Center and disabling it there (this only stays off until the next day) or going Settings > Bluetooth and flipping the toggle there.

Source link

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button