Security researchers have discovered that iPhones updated to iOS 17 are susceptible to a Bluetooth attack using a Flipper Zero device that can brick the phone. Ars Technica reports that security researcher Jeroen van der Ham fell victim to the exploit on a train ride last month, and his phone displayed multiple pop-ups before rebooting.
Van der Ham discovered that the attacker, another passenger on the train, was using a Flipper Zero device with custom firmware to send a combination of Bluetooth Low Energy (BLE) alerts to nearby iPhones running iOS 17.
The Flipper Zero is a very powerful device that we described last year as the Swiss army knife of antennas. It’s a small orange and white plastic device with a 1.4-inch screen that looks like a children’s toy. Flipper Zero is a hacking multi-tool as it communicates with devices below 1 GHz, such as old garage doors, RFID devices, NFC cards, infrared devices, and of course, Bluetooth devices.
There are multiple attacks that can be carried out on iPhones from a Flipper Zero
TechCrunch first reported on the Bluetooth pop-up attacks last month. These can also affect iPad devices, but it appears there is now a special “iOS 17 Lockdown” in the Flipper Xtreme custom firmware that can actually overwhelm an iPhone and brick it. The attack does not affect iPhones running older versions of iOS (such as iOS 16), so it appears that Apple has changed something in its latest operating system update to make iPhones susceptible to this form of attack.
A similar attack can also be used on Android devices and Windows laptops. BleepingComputer reported last week that Bluetooth spam attacks can be used on Samsung Galaxy phones to generate an endless number of pop-ups. You can protect against this on Android by turning off the nearby sharing notification, and the attack doesn’t appear to crash Android devices.
If you have an iPhone running iOS 17, the only reliable way to protect against pop-ups and crash attacks is by disabling Bluetooth. That’s not practical if you use an Apple Watch or Bluetooth headphones regularly, but if you’re in a place where someone might use a Flipper Zero, it’s worth thinking about until Apple can update iOS 17 to protect against these attacks. Apple’s latest iOS 17.1 update did not fix the issue.
We’ve reached out to Apple for comment on the Flipper Zero attack and will update you if the company responds.