Particle.news

$169 Device Exposes Vulnerability in iOS 17, Can Crash iPhones Through Bluetooth Overload

Flipper Zero, a device sold legally as a tool for penetration testing, can exploit a vulnerability in iOS 17, rendering iPhones unusable through a denial-of-service attack; Apple has yet to announce a forthcoming patch.

  • The Flipper Zero, a device marketed as a multi-tool for penetration testing and sold for $169, can exploit a vulnerability in iOS 17 to crash iPhones by spamming them with Bluetooth connection requests.
  • This attack renders iPhones nearly unusable, causing constant pop-ups and occasional reboots, as reported by cybersecurity expert Jeroen van der Ham, who encountered the attack during a train commute.
  • The threat also applies to other devices using short-range wireless communication standards like WiFi, RFID, and NFC, putting a variety of devices potentially at risk, such as garage doors, TVs, and hotel keys.
  • Though the Flipper Zero and its capabilities are not new, they have resurfaced due to the recent exploitation of iOS 17. Devices using Android and Windows systems are also reported to be at risk, but these systems provide options to turn off notifications, making them less susceptible.
  • As of now, the only way to prevent this attack is to completely disable Bluetooth. However, for users who rely on Bluetooth to connect to peripherals such as Apple Watch and AirPods, this may not be a practical solution. Apple has been contacted for comment but has not yet announced plans for a patch.