Flipper Zero can now be used to spam iPhone users with fake notifications

Flipper Zero has quickly become one of the most popular hacking tools, thanks in part to its interface and the thriving community that surrounds it. However, security researcher Anthony has recently unveiled a new attack that leverages Flipper Zero to spam iPhone users with pop-up notifications.

How does the attack work?

To grasp how the attack works, it’s crucial to understand that Apple devices use Bluetooth advertising packets (ADV packets) to broadcast their presence to nearby devices, such as AirPods. Taking advantage of this, bad actors can craft and spread fake ADV packets while adhering to the Bluetooth Low Energy (BLE) protocol. As a result, any iPhone within range perceives these transmissions as real connection requests irrespective of whether a user has disabled Bluetooth through the Control Center or not.

While the attack looks more like a prank, it could have vast applications. These include confusing a victim by overwhelming them with fake requests or outright imitating trusted devices for potential phishing attacks.

“When a device like Flipper Zero mimics the advertising packets of real devices or services, it can create a lot of phantom devices in the vicinity of an iPhone user. Imagine searching for a device to connect to and being presented with a list of dozens, if not hundreds, of fake device names,” reads Anthony’s blog post.

Furthermore, Anthony has developed an “amplified board” capable of broadcasting Bluetooth packets over a significantly greater range than standard Bluetooth Low Energy devices. This technique could provide threat actors with an avenue to exploit this attack, although he has, fortunately, refrained from disclosing specific details about this method.

What can Apple do?

While Apple has yet to issue an update fixing this issue, the company could adopt measures to check the legitimacy of Bluetooth devices trying to connect with iPhones and restrict the distance at which Bluetooth devices can establish connections.

“For iOS users, this mimicry can be more than just an annoyance. It can lead to confusion, disrupt workflows, and, in rare cases, pose security concerns. It underscores the importance of being aware of the devices around us and the potential flaws inherent in wireless communications,” reads the blog post.