Security personnel ZecOps has recently developed a technology called NoReboot, which can allow the iPhone to camouflage shutdown and steal user privacy. This technology simulates the user shutdown/restart scenario, physical feedback such as ringtones and message notifications, 3D Touch, vibration, screen, camera lights, etc. will also be disabled, and it will also fake Apple’s classic power-on/off animation to mislead users into thinking The operation has been completed but is actually still connected to the network.
In a fake shutdown state, attackers can stealthily remotely access a user’s phone’s microphone and camera, or do almost anything they want without alerting the user. Usually, restarting the iPhone clears the malware’s hijacking code directly. However, NoReboot technology can directly hijack the iPhone when it is turned back on, so even a true reboot will not help the user.
NoReboot works by injecting malicious code into three background processes, InCallService, SpringBoard, and backboard, which are responsible for the iPhone’s reboot process. ZecOps says the issue cannot be patched and works on any iPhone with iOS.