Particle.news

Apple's iOS 17.2 Update Safeguards iPhones and iPads from Flipper Zero Attacks

The update effectively prevents the pen-testing tool, when modified with Xtreme firmware, from crashing devices with overwhelming Bluetooth notifications.

  • Apple has implemented safeguards in iOS 17.2 to prevent Flipper Zero devices from sending nearby iPhones and iPads into never-ending denial of service (DoS) loops.
  • Flipper Zero is a pen-testing tool that can be modified with third-party firmware (Xtreme) to provide a Bluetooth Low Energy (BLE) spam app, which exploits a flaw in the BLE pairing sequence to send overwhelming Bluetooth connection notifications.
  • Malicious Flipper Zero devices have been used to pull off undetected DoS attacks on trains, coffee shops, and concert venues.
  • While the new iOS update still allows a few popups to appear from Flipper Zero devices, it effectively stops the device from crashing iPhones and iPads.
  • The Xtreme firmware is not available from Flipper's own third-party app store, but it is still easily downloadable and installable on NFC-replicating devices.