Comments by: Oded Vanunu, Head of Products Vulnerability Research, Check Point Software Technologies
The researcher demonstrated a new technique that allows malware and hacking tools running on iOS devices to intercept the reboot/shutdown process and block it. While this might not sound so dangerous, this technique allows the malicious code to stay longer on the device.
A common way to remove malware and other malicious code is to reboot the device (or shut it down for a few minutes), this is helpful when the malicious code is running from memory and not from the device storage to avoid detection. The new technique blocks the reboot/ shutdown process and the malware can even use social engineering to show Apple’s famous reboot screen with the company logo.