With iOS 17.2, Apple has seemingly fixed a harmless yet annoying exploit that allowed actors to remotely surface pop-up notifications on iPhones via a small hobbyist radio device (via ZDNet).
The now-fixed exploit allowed Flipper Zero, a small multipurpose device often used by radio and wireless hobbyists, to remotely send pop-up alerts to every iPhone in its range via Bluetooth. While relatively harmless, the hack meant that affected iPhones would freeze and become unusable unless restarted, which quickly became annoying.
Flipper Zero cannot natively hack iPhones in this manner. Rather, malicious actors had to install a third-party firmware known as Xtreme, which includes the Apple BLE Spam tool that made this exploit possible. Thanks to Flipper Zero’s antenna, this denial-of-service hack could affect all iPhones within 30 feet of the device, the report adds.
ZDNet has performed new tests on iPhones running iOS 17.2 to assess whether the update fixed the exploit. According to the report, iOS 17.2 significantly reduced the number of Bluetooth pop-ups caused by the hack, even if they still appear occasionally. The never-ending stream of pop-ups is gone, so iPhones no longer crash and freeze to the point of requiring a reboot.
The Bluetooth pop-ups resembled the prompts shown when an iPhone attempts to connect to a nearby Apple device, such as the AirPods or Apple TV connection prompt. The only apparent way to avoid this exploit is to turn off Bluetooth completely on your iPhone; even Lockdown Mode is not enough to safeguard your device from this hack.
While Apple hasn’t officially acknowledged that iOS 17.2 fixed the exploit in question, it seems that the company did take steps to curb its effects.