This little device sends updated iPhones into a never-ending DoS loop

This little device sends updated iPhones into a never-ending DoS loop
Zoom in / A fully updated iPhone (left) after being forcibly smashed by Flipper Zero (right).

Jeroen van der Ham

One morning two weeks ago, security researcher Jeroen van der Ham was traveling by train in the Netherlands when his iPhone suddenly displayed a series of pop-ups that made it nearly impossible to use his device.

“My phone was getting these popups every few minutes and then my phone would reboot,” he wrote to Ars in an online interview. “I tried putting it in lock mode, but it didn’t help.”

To Van der Ham’s surprise and distress, the same exhausting stream of pop-ups appeared again that afternoon on the ride home, not only against his own iPhone but also against the iPhones of other passengers in the same train car. He then noticed that a nearby passenger was also present that morning. Van der Ham put two and two together and pointed the finger at the passenger as the culprit.

“He was happily working on some kind of app on his Macbook, took out his iPhone himself, plugged it in via USB so he could work while all the Apple devices around him were rebooting and he wasn’t even paying attention to what was happening.” . He said. “Your phone becomes almost unusable. You can still do things in between for a few minutes, so it’s really annoying to experience. Even as a security researcher who heard about this attack, it’s really hard to realize that this is what’s going on.”

See also  System Shock gets a May 30th release date for PC after a successful demo

“The trick is over”

It turns out that the perpetrator was using Flipper Zero device Sends Bluetooth pairing requests to all iPhones within radio range. This thin and lightweight device has been around since 2020, but has become more visible in recent months. It’s like a Swiss Army knife for all types of wireless communications. It can interact with radio signals, including RFID, NFC, Bluetooth, Wi-Fi, or standard radio. People can use it to secretly change TV channels in bars, clone some hotel key cards, read an RFID chip implanted in pets, open and close some garage doors, and disrupt the normal use of iPhones.

These types of hacks have been possible for decades, but require special equipment and a fair amount of experience. The capabilities generally require expensive SDRs — short for software-defined radios — which, unlike traditional hardware-defined radios, use firmware and processors to digitally recreate the processes of transmitting and receiving radio signals. The $200 Flipper Zero is not an SDR per se, but as a software-controlled radio, it can do many of the same things at an affordable price and in a much more convenient form factor than previous generations of SDRs.

“Mission accomplished: software radios have made previously inaccessible attacks available to more people than before, and will continue to be worked on,” Dan Guido, CEO of security firm Trail of Bits, wrote in an interview. “Technology-savvy people can now easily clone most hotel or office key cards. They don’t need any knowledge of signals or have to mess around with open source or Linux code. [It] It certainly democratizes some previously complex RF [radio frequency] Hacking is only in the hands of humans.”

See also  Chrome extensions with 1.4M installed secretly track visits and inject code

The manufacturer Flipper Zero describes the device as a “portable multi-tool for hackers and geeks” suitable for hacking radio protocols, building access control systems, troubleshooting hardware, cloning electronic key cards and RFID cards, and for use as a universal TV remote. . Its open source design allows users to equip the device with custom firmware for new capabilities.

Some specifications of the device include:

  • 1.4-inch monochrome LCD screen
  • GPIO pins for connecting external devices that greatly expand its capabilities
  • USB-C port for power and firmware update
  • Micro memory card port
  • Infrared transmitter and receiver
  • Sub 1GHz antenna
  • TCC 1101 chip
  • 1-Wire pogo pin to read contact keys
  • 2000 mAh battery
  • Low power MCU
  • ARM Cortex-M4 32-bit 64MHz (application processor)
  • ARM Cortex-M0+ 32-bit 32MHz (radio processor)
Top view of Flipper Zero.
Zoom in / Top view of Flipper Zero.
Bottom and back view of Flipper Zero.
Zoom in / Bottom and back view of Flipper Zero.

flipperzero.one

“The idea of ​​Flipper Zero is to combine all the hardware tools you need to explore and develop on the go,” the manufacturer wrote. “The Flipper was inspired by a pwnagotchi project, but unlike other DIY boards, the Flipper was designed with everyday comfort in mind – it has a sturdy chassis, easy-to-use buttons, and a shape, so there are no dirty PCBs or scratched pins.”

Leave a Reply

Your email address will not be published. Required fields are marked *