This Tiny Device Renders iPhones Useless In A Nonstop DoS Attack Over Bluetooth
A tiny device that's well known amongst the hacking community, known as the Flipper Zero, is wreaking havoc for some iPhone users. The device can be utilized for DoS (Denial of Service) attacks and spam all nearby iPhones.
Infosec user Jeroen Van der Ham noticed while on a train ride that his and other people's iPhones were receiving the same stream of pop-ups, rendering the smartphones useless. After observing for a while longer, he realized that one person in the train car was working on an app on his MacBook. That person also had their iPhone connected to the MacBook via USB so they could continue working while everyone else around with an iPhone suffered constant rebooting.
"This is weird: on the train and my mobile Apple devices are rebooting, showing a possible connection to an Apple TV beforehand," Van der Ham posted. "And then I look around and notice I'm not the only one. Turned on lockdown mode, and even then it's showing the same alert, and crashing."
It turned out that the attack was conducted using a Flipper Zero, a device that can send Bluetooth pairing requests to all iPhones within radio range (among many other feautres). The handy dandy device is used for all sorts of wireless communications. It is able to interact with radio signals, including RFID, NFC, Bluetooth, Wi-Fi, or standard radio. While the small device can be used for many helpful things, it can also be used as an annoyance as well, such as changing the channel on a TV, opening a garage door, and causing havoc for nearby iPhones.
The company that produces the Flipper Zero describes the device as a "portable multi-tool for pentesters and geeks in a toy-like body. It loves researching digital stuff like radio protocols, access control systems, hardware, and more." The device is also open-source and customizable so that owners can use it for "whatever" they like.
Van der Ham was later able to recreate the attack on the train. What he found was that he was unable to crash iPhones that were running iOS versions before 17.0, which should give anyone who is still on iOS 16 or earlier some solace.
The Flipper Zero can be purchased online for $169. Potential buyers can also purchase a silicone case for the device, screen protectors, a Wi-Fi Devboard, and a Prototyping Board, among a myriad of third-party add-ons.