NoReboot allows you to intercept the reboot and shutdown process and make sure they never happen.
ZecOps specialists have developed a new method to simulate iPhone restart or shutdown and thereby prevent malware from being removed from it, with which hackers can secretly track a victim through a microphone and phone camera.
As a rule, in order to remove malware from an iOS device, simply restart it. The method developed by ZecOps specialists allows you to intercept the process of reboots and shutdowns and make it so that they never happen. This way the malware gains persistence on the system as it never actually shuts down.
Because the attack, dubbed NoReboot, does not need to be exploited, Apple is unable to release a hotfix.
To restart iPhone, you need to press and hold the power button or volume control until a slider appears with the option to restart. Then you should wait 30 seconds for the process to complete.
When the iPhone is turned off, the screen goes blank, the camera turns off, the long press does not respond, the ringtone and notification sounds fade and there is no vibration. ZecOps has developed a PoC Trojan capable of injecting special code into three iOS daemons to simulate shutdown by disabling all of these indicators.
The Trojan intercepts the shutdown event by intercepting the signal from the SpringBoard application that is responsible for interacting with the user interface. Instead of the expected signal, the Trojan sends a code that forcibly terminates SpingBoard, causing the device to stop responding to user actions. It looks like the iPhone is turned off.
The BackBoardd daemon, which logs physical button presses and timestamped screen touches, is then instructed to display a spinning wheel to indicate that the device is turned off. The user thinks that the iPhone has turned off, releases the button ahead of time, and the actual shutdown process never starts.
The video below shows the NoReboot attack in action. Judging by the video, with its help you can very easily convince the victim that her phone is turned off.
Hacker Hacked Fast Company’s Apple News Account and Spread Racist Messages
An unknown hacker was able to access the business publication Fast Company’s Apple News account and sent out a series of obscene and racist messages via push notifications. Subscribers are the victims.
Fast Company confirmed the hack, and so did Apple. The incident is currently under investigation.
“Fast Company’s Apple News account was hacked Tuesday night. After that, two push notifications with obscene and racist content were sent with a minute interval. The messages are disgusting and do not match Fast Company content. We are investigating the incident and have also paused feed updates and closed FastCompany.com until we are confident the situation has been resolved.“, – noted in the publication.
Shortly before the shutdown, the hacker himself posted an entire article on the Fast Company website, where he described in detail how he managed to bypass the protection. It turned out that the accounts on the site were protected by the same password, this also applies to the account of the site administrator. Having gained access to them, the hacker was able to get to the authentication tokens and log in to Apple News.
At the same time, in addition to hooliganism, no financial losses or manipulations were recorded.
Young hacker who leaked GTA 6 material denies his guilt
The 17-year-old hacker, who was previously arrested in the UK on suspicion of hacking Rockstar Games and Uber, has pleaded not guilty. According to police, he appeared in court over the weekend, but refused to plead guilty to PC misuse. At the same time, he admitted that he violated the conditions of release on bail. Now he is being held in a juvenile detention center.
According to investigators, the 17-year-old is part of the Lapsus$ hacker group and is behind the recent leak of videos and other details of the $2 billion GTA 6 game.
Earlier, a hacker under the nickname teapotuberhacker published an archive with video and source code from an early version of GTA 6, which has already gone viral. Take-Two tried to stop the spread of the leak, but it was only partially successful.
The hacker also said that it was he who attacked the Uber computer system, gaining access to correspondence, email addresses, and so on.
At the moment, the investigation is ongoing, so it is not yet clear how this story will end.
Cloudflare introduces world’s first eSIM with better security than VPN
Cloudflare has introduced a new solution that may be suitable for smartphone and mobile Internet users. We are talking about an eSIM card called Zero Trust SIM. Its peculiarity is that it provides an increased level of security, reducing the risk of number substitution.
In technical terms, we are talking about the transfer of DNS requests through the Cloudflare gateway, which allows you to protect them from interception and spoofing. Also promised is a check of all intermediate nodes through which the device accesses the Internet.
According to Cloudflare CTO John Graham-Cumming, Zero Trust SIM technology can outperform VPNs and other security systems as it provides cell-level protection.
Zero Trust SIM will launch first in the US, where only a virtual card for iOS and Android will be available at first. When activated, it will bind to a specific device and allow you to protect it. Physical maps are also expected in the future.
The company is also launching Zero Trust for Mobile Operators, an affiliate program for telecom operators that will enable them to offer subscriptions to the services and tools of the Zero Trust platform. In addition, a similar project is expected for the Internet of Things.
The real cost of the GeForce RTX 4090 in the US has become known. At least MSI and Asus have prepared options for the recommended $1600
Sales of the GeForce RTX 4090 will not start soon, but sellers are already ready to offer users the latest...
The GeForce RTX 4090 will not repeat the fate of the RTX 3090 and will be available at a recommended price from the first days. The cards are already lit up in European stores
The GeForce RTX 4090 will go on sale on October 12, but the cards are already in stock in stores...
AMD Desktop Processor Roadmap Leak Confirms Ryzen 7000 X3D Series Plans
A supposedly “roadmap” has appeared on the network that shows AMD’s plans for the 2022-2023 Ryzen processor line. And so...
Will it be better than the GeForce RTX 3050? Intel unveils Arc A750 graphics card for $290
For some reason, Intel waited a couple of days and introduced another video card. The Arc A750 will go on...
Electric Cars5 days ago
Powerful sedan from Geely and Volvo on the Geely Tugella platform with 25 sensors. Lynk & Co 03 entered the Chinese market
Components5 days ago
Ryzen 9 7950X at 6.5 GHz consumes as much as a non-overclocked Core i9-12900K
Components6 days ago
24-inch, Full HD and slim body for $75. Redmi has a new monitor
Gaming7 days ago
“Personally, I have just crazy freezes in games.” Gamers are massively complaining about the big Windows 11 update