Apple has implemented a lot of useful technologies in its devices to make it easier to pair them with certain Bluetooth accessories, such as AirPods and AirTags. However, some hackers are now using these same technologies to annoy iPhone users. With a relatively inexpensive tool called Flipper Zero, they can spam iPhones with fake Bluetooth pop-ups, making the device “unusable.”
Faking Bluetooth connections to an iPhone or iPad
For those unfamiliar, a Flipper Zero is a small, relatively inexpensive device that can be programmed to control multiple radio protocols.
As reported by TechCrunch, a security researcher recently demonstrated how to use a Flipper Zero to perform wireless attacks on Apple devices such as an iPhone or iPad. The hacker says the attack is “a Bluetooth advertising assault” because it basically causes the device to show several Bluetooth connection pop-ups to the user, making it difficult to use the iPhone or iPad.
More specifically, the hacker programs the Flipper Zero to act as an official Bluetooth accessory, like a pair of AirPods. This is possible because these accessories rely on a protocol called Bluetooth Advertisements, which they use to announce their existence to other Bluetooth devices nearby.
In addition, code injected into Flipper Zero forces the device to repeatedly send the pairing signal. As a result, any Apple device nearby will show the connection pop-up non-stop. As shown a few weeks ago during Def Con 2023, this can be used to annoy iPhone and iPad owners since there’s no way to ignore these pop-ups.
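From the defender's side, this kind of repeated advertising is visible in a passive Bluetooth scan. The sketch below is an added example, not code from the article or the researcher: it parses the length/type/value structures of each advertising payload and flags bursts of advertisements carrying Apple's company identifier. The record format, the thresholds and the sample data are assumptions constructed for illustration.

```python
from collections import deque

APPLE_COMPANY_ID = 0x004C     # Bluetooth SIG company identifier assigned to Apple
AD_TYPE_MANUFACTURER = 0xFF   # AD type "Manufacturer Specific Data"

def manufacturer_ids(payload: bytes) -> list:
    """Walk the length/type/value AD structures of one advertising payload."""
    ids, i = [], 0
    while i < len(payload):
        length = payload[i]
        if length == 0 or i + 1 + length > len(payload):
            break  # padding or a truncated structure: stop, never read past the end
        ad_type, data = payload[i + 1], payload[i + 2 : i + 1 + length]
        if ad_type == AD_TYPE_MANUFACTURER and len(data) >= 2:
            ids.append(int.from_bytes(data[:2], "little"))
        i += 1 + length
    return ids

def find_floods(records, window_ms=5000, max_adverts=20):
    """records: time-ordered (timestamp_ms, advertiser_address, payload) tuples.
    Returns (timestamp_ms, adverts_in_window, distinct_addresses) for each
    advertisement that pushes the Apple-tagged count above max_adverts."""
    recent, alerts = deque(), []
    for ts, addr, payload in records:
        if APPLE_COMPANY_ID not in manufacturer_ids(payload):
            continue
        recent.append((ts, addr))
        while ts - recent[0][0] > window_ms:
            recent.popleft()  # drop advertisements older than the window
        if len(recent) > max_adverts:
            alerts.append((ts, len(recent), len({a for _, a in recent})))
    return alerts

# Constructed sample data (not captured traffic). The bytes after the company
# identifier are opaque placeholders, and the addresses are made-up labels.
APPLE_ADV = bytes.fromhex("020106" "06ff4c00" "aabbcc")
OTHER_ADV = bytes.fromhex("020106" "05ffffff" "0102")
QUIET = [(t * 1000, addr, APPLE_ADV) for t in range(10) for addr in ("dev-1", "dev-2")]
FLOOD = [(20000 + i * 50, f"src-{i % 8}", APPLE_ADV) for i in range(40)]

if __name__ == "__main__":
    for alert in find_floods(QUIET + FLOOD):
        print("possible advertisement flood:", alert)
```

Genuine Apple devices also broadcast advertisements with this company identifier, so the window and threshold have to be tuned against a baseline of the environment being monitored.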
iOS is still susceptible to these attacks
According to the security researcher who spoke to TechCrunch, he developed this attack as a “proof of concept” to warn that Apple should provide an option to ignore Bluetooth connections with unknown devices. While iOS lets you close the pop-up, it will keep showing up as long as the accessory (or Flipper Zero) is nearby.
More alarmingly, the attack works even when the iPhone is in Airplane Mode since the Control Center toggle doesn’t disable Bluetooth. The only way to stop the attack is by manually turning off Bluetooth in the Settings app (which will also interrupt the connection with the iPhone owner’s accessories).
The researcher said Apple could mitigate these attacks by ensuring the Bluetooth devices connecting to an iPhone are legitimate and valid, and also reducing the distance at which iDevices can connect to other devices using Bluetooth.
It’s unclear at this point whether Apple is already working on a way to prevent this type of attack, as the company didn’t respond to a request for comment.
Update: A representative behind the company that makes Flipper Zero told 9to5Mac that the hacks shown by the security researcher are “impossible on the default hardware” as the company takes precautions to “ensure the device can’t be used for nefarious purposes.”
However, since the firmware is open source, users can modify it in an improper way. The company also agrees that Apple should implement safeguards to prevent such attacks.