In the world of mobile malware, simply shutting down a device can often wipe out any bad code, given that persistence after rebooting is a challenge for traditional malicious activity. But a new iPhone technique can hijack and prevent any shutdown process that a user initiates, simulating a real power-off while allowing malware to remain active in the background.
The stealthy technique, dubbed “NoReboot” by researchers, is “the ultimate persistence bug,” according to a ZecOps analysis this week. The firm also debuted a proof of concept (PoC) showing how to use a faked shutdown to disguise remote spying activity.
Source: ThreatPost