Researchers at Jamf Threat Labs on Tuesday posted a new report that explains how an iPhone can be hacked to show a fake version of Lockdown Mode, fooling the owner into thinking that their iPhone is secure.
Introduced in iOS 16, Lockdown Mode can be enabled if a user believes they are in a situation where they are a target for spyware. Available in iOS and iPadOS via the Privacy & Security settings, Lockdown Mode stops your device from performing certain functions that are used to install spyware, such as the ability to view images in the Messages app, or JavaScript in Safari. (Lockdown Mode is available in macOS as well, but Jamf’s research is specific to iOS and iPadOS.)
When a user turns on Lockdown Mode, the device needs to restart to put the mode into effect. Jamf discovered that it could create a bypass for this restart by having iOS trigger “a file named /fakelockdownmode_on,” which would then initiate a userspace reboot, not the system reboot that is required. Jamf posted a video that shows the fake Lockdown Mode in action.
Lockdown Mode could be interpreted as antivirus software that detects when a device has been compromised, but that is incorrect. Lockdown Mode is a method to prevent infection, but, as Jamf points out, “iPhone users should be mindful that if their device has already been infected, triggering Lockdown Mode will not affect a trojan that has already breached the system.”
Jamf’s demonstration is a proof of concept. “This is not a defect in Lockdown Mode or an iOS vulnerability, per se; it is a post-exploitation tampering technique that allows the malware to visually fool the user into believing that their phone is running in Lockdown Mode,” says Jamf. The researchers also point out that this technique has not been observed in the wild.
How to protect yourself from fake Lockdown Mode
For a hacker to create a fake Lockdown Mode scenario, successful access to the device is needed. It’s important to use security features such as Face ID or Touch ID and to use a complex passcode. Don’t open links in messages from unknown users or let unfamiliar people use your device. Luckily, Jamf’s concept is somewhat complicated to execute, so it’s unlikely that a casual user will be a target.
Apple has not commented on Jamf’s findings. The company will likely make a patch in a future iOS update to address the issue, so it’s important to update your device’s operating system on a regular basis.