© IE Online Media Services Pvt Ltd
Tags:
Journalism of Courage
Flipper Zero, a tiny piece of hardware that can interact with any type of RFID, Bluetooth and Wi-Fi-enabled devices can be used by hackers to spam iPhone users with relentless Bluetooth pop-ups by imitating devices like AirPods, AppleTV, and AirTags.
According to a recent report by TechCrunch, a security researcher named ‘Anthony’ demonstrated a denial of service attack using Flipper Zero, sending several Bluetooth pop-ups on the victim’s phone which rendered it almost unusable. It is to be noted that the attack can be imitated on any iOS device.
The exploit worked without any issues even when Bluetooth was turned off from the Control Center or the device was in airplane mode, but when the radio was turned off from the ‘Settings’ app, Flipper Zero couldn’t bombard the iPhone with pop-ups.
The security researcher said he modified the Flipper Zero firmware to imitate ‘Bluetooth Advertisements’, which is basically a type of transmission that Apple uses to connect devices like an Apple Watch or send pictures using file-sharing features like AirDrop. He went on to claim that the attack can also work over a wide range using an amplified board, but refused to share details citing security reasons.
TechCrunch says it used the firmware shared by Anthony to display a phone number transfer dialogue using Flipper Zero, with the device capturing several iPhones at the same time even when it was kept on the other side of the room.
A blog post on GitHub by ‘Techryptic’ suggests Flipper Zero can be programmed to carry out wireless attacks not only on iPhones, but can also target other devices like RFID cards and smart car keys.
While Flipper Zero requires users to be in proximity to the device, the attacks demonstrated by the security researcher give us an idea of how such exploits could be used to steal information from Apple devices.
