Threat Actors Can Simulate IPhone Reboots and Keep IOS Malware On a Device

An anonymous reader quotes The Record: In a piece of groundbreaking research published on Tuesday night, security firm ZecOps said that it found a way to block and then simulate an iOS restart operation, a technique that they believe could be extremely useful to attackers who may want to trick users into thinking they rebooted their device and as a result, maintain access for their malware on that infected system. The technique is of extreme importance and gravity because of the way the iPhone malware landscape has evolved in recent years, where, due to advances in the security of the iOS operating system, malware can't achieve boot persistence as easily as it once did....

As a result, many security experts have recommended over the past year that users who might be the target of malicious threat actors regularly reboot devices in order to remove backdoors or other implants....

But in a blog post on Tuesday, ZecOps said that the iOS restart process isn't immune to being hijacked once an attacker has gained access to a device, in a way to perform a fake restart where the user's device only has its UI turned off, instead of the entire OS.

Read more of this story at Slashdot.