No more attacks on iPhones in the Warsaw metro. Apple solved a serious problem


Updating the iPhone’s software will make it resistant to attacks such as those that Warsaw metro passengers have experienced for several weeks. Apple has made its smartphones resistant to the unwanted effects of the Flipper Zero programming tool.

Apple introduced a security patch in its 17.2 software update that no longer allows the Flipper Zero to attempt to connect to iPhones. With the tool's help, a hacker can generate so many pop-ups asking to pair a device that it is no longer possible to use the smartphone.

No more attacks on iPhones in the subway

The attacks have been going on for over a month. Affected devices either cannot be used normally or freeze completely. Such cases are said to occur primarily, though not only, in the Warsaw metro. Occasionally, similar situations also occur in other public transport vehicles, including trains. According to the descriptions of people who encountered the problem, the smartphone suddenly starts displaying a request to pair with an external device (e.g. headphones). After the window is closed, another one appears immediately, then another, and another. In this way, a user can receive several dozen messages about a connection attempt within a minute.

Of course, each such window can be closed manually. However, the problem arises when the windows pop up so frequently that it becomes impossible to do anything on the smartphone screen. Moreover, some phones (reports indicate mainly iPhones) freeze or turn off in response to so many messages.

The only solution seems to be turning off the Bluetooth module. However, in many cases it is impossible to touch the appropriate icon in time. Some people also describe that they managed to “save” the frozen phone only after leaving the subway.

Bluetooth attacks can do more damage than you think

The attacks on iPhones are so-called BLE Spam, a classic example of a DoS attack (one that overloads and, as a result, blocks a system or service) carried out through the Bluetooth module. Using an appropriate script, the hacker is able to continuously flood all nearby devices with hundreds of pairing packets. This completely prevents the use of most smartphones, and in the case of iPhones with iOS 17 (in update 17.2 the problem should no longer occur) it often leads to a complete freeze of even a locked phone, after which a so-called hard reset is necessary.

Of course, it is not clear who carries out such attacks in the metro or on other public transport vehicles. Someone probably has a very bad sense of humor and is doing it as a joke. However, the Niebezpiecznik portal reported that the perpetrator does not have to be an outstanding hacker. “Unfortunately, we should expect that there will be more and more situations like the one in the Warsaw metro, because you don’t have to be an outstanding hacker to carry out this attack. All you need is an appropriate application for Flipper Zero (a multifunctional tool for programmers – ed.) or for… Android,” the specialists write.

Experts add that, unfortunately, such attacks are not only unfunny but can also be dangerous in public places. It’s not just about the need to “revive” an iPhone (not everyone can do that). Attacks similar to BLE Spam can affect not only smartphones, but also medical implants and even passing cars, blocking their multimedia systems in extreme cases.

Source: Gazeta
