Bluetooth, near-field communication (NFC) and ultra-wideband (UWB) operate when iPhone's iOS system is shut off, meaning even powered-down devices are vulnerable to attack.
New research from the Technical University of Darmstadt in Germany examined the chips that enable the "Find My" functions and allow users to access banking and identification information even when the device is in low-power mode. This access also has the unintended consequence of leaving the device open to attack, even though the user might think the iPhone is offline and secure. according to the team's paper, entitled "Evil Never Sleeps."
"On recent iPhones, Bluetooth, near field communication (NFC), and U=ultra-wideband (UWB) keep running after power off, and all three wireless chips have direct access to the secure element," the paper states. "As a practical example what this means to security, we demonstrate the possibility to load malware onto a Bluetooth chip that is executed while the iPhone is off."
That said, exploitation is far from simple, requiring several steps and the use of known bugs like BrakTooth, the researchers explain.