A Fix for the Flaw that Enabled Mass Bombardment of iPhones with Popup Notifications
In a recent development, Apple has quietly rectified a significant security loophole that allowed Flipper Zero devices to inundate nearby iPhones with popup notifications, rendering them essentially unusable until a reboot was performed.
Background
The Flipper Zero, marketed as a versatile multi-tool capable of mimicking NFC, RFID, and other radio signals, is positioned as a playful gadget for penetration testers and tech enthusiasts. However, concerns have been raised about its potential misuse, particularly as an accessible tool for hackers. Notably, the Flipper Zero itself lacks the unique denial-of-service (DoS) capability in question. This functionality is activated only through the installation of the Xtreme third-party firmware, which includes the BLE Spam app designed to flood devices with spam Bluetooth messages.
Exploit Description
With the Xtreme firmware, a Flipper Zero user could strategically position themselves, such as in a crowded intersection, to bombard all iPhones within a 30-foot radius with popup notifications. This barrage was potent enough to freeze Apple devices, necessitating a restart. While the attack could affect other operating systems like Android and Windows, it was particularly effective against Apple devices. With an extended antenna, the range of this disruptive spam could be increased to 50 feet or more.
In response to this security concern, Apple swiftly addressed the issue in its iOS 17.2 update. Tests conducted using the latest Xtreme firmware against this update revealed that while iPhones still received annoying popups.
Ongoing Concerns
Although the Xtreme firmware is not available on Flipper's official third-party app store, it remains accessible for download and installation, potentially putting users at risk. Flipper Zero has faced criticism as a hacking tool, leading to its removal from the Amazon store page. While widespread bans have not been imposed on Flipper devices, they have gained notoriety within law enforcement circles.
The incidents caused by Flipper Zero underscore the perpetual cat-and-mouse game between device manufacturers and potential security threats. Apple's prompt response to the exploit demonstrates its commitment to user security, but the incident serves as a reminder of the need for continuous vigilance in the rapidly evolving landscape of cybersecurity.