Thu. Sep 21st, 2023
Cyber Criminals Attacking Web Services

Airplane mode disables all wireless features on your smartphone to prevent it from interfering with critical flight systems, allowing you to safely use your device while flying.

In addition, Airplane mode is useful beyond travel, serving as a:

  • battery saver
  • disconnection tool
  • meditation aid

Researchers at Jamf Threat Labs recently developed a post-exploitation persistence technique for iOS 16. Successful use of it allows an attacker to set up a fake Airplane Mode, with all of the user interface features of the original Airplane Mode, to hide malicious apps.

This allows an attacker to continue accessing the device even if the user believes the device is offline.

New iOS 16 Hack Analysis

In a report sent to Cyber Security News, Jamf Threat Labs experts first examined how Airplane Mode works and found that two daemons control it. The two daemons are:

  • SpringBoard for UI changes
  • CommCenter for network control

Additionally, the CommCenter daemon allows users to manage or control app-specific cellular data blocking.

When the user turns on Airplane Mode, the pdp_ip0 (cellular data) network interface no longer shows IPv4/IPv6 addresses.

In the newly developed artificial Airplane Mode, the security analysts slightly modified the UI while keeping the cellular connection active for selected applications.

The analysis began with console log tracking, where the first relevant logs emerged when Airplane Mode was enabled.

A C++ function with no symbols was found while searching the code with the disassembler using the following string:


To install the deceptive Airplane Mode, the researchers replaced the function in the Airplane Mode call chain with an empty function that does nothing on boot.

In other words, an attacker could take advantage of this newly created deceptive functionality to maintain an active cellular connection and uninterrupted Internet access.

Additionally, this attack requires further UI tweaks to maintain the illusion of the genuine Airplane Mode, such as dimming the cellular icon and disabling user interaction with it.

To accomplish this, the analysts hooked two Objective-C methods and inserted code to make the necessary adjustments to the cellular icon:

  • -[SBStatusBarStateAggregator _noteAirplaneModeChanged]
  • -[CCUIModularControlCenterOverlayViewController _beginPresentationAnimated:interactive:]

Users without Wi-Fi and with Airplane Mode enabled expect Safari to be offline. The regular prompt “Please turn off airplane mode” was mimicked by using CommCenter’s app blocker as a fake Airplane Mode.

Cutting off Safari’s Internet access without activating device-wide Airplane Mode is the key test, and the alerts are hard to toggle.

With all of these techniques combined, the fake or artificial Airplane Mode looks and behaves just like the real thing.


By Admin