Research that shows it is possible to hack an iPhone when it is turned off and drive off in your Tesla – UPDATED 18 May 2022 with real world examples of Bluetooth vulnerabilities

This is theoretical research that shows it may be possible to run malware on an iPhone that is still active even when the phone is powered off, by abusing a lack of authentication in the Bluetooth system and the fact that the Bluetooth is used in the Apple “find my…” functionality.

Here is the paper:

Evil Never Sleeps: When Wireless Malware Stays On After Turning Off iPhones (arxiv.org)

Only a theory and a research project at the moment – as far as we know!

Here is more research from the NCC Group, that shows what can happen when a technology is used for something it was not primarily designed for – such as using Bluetooth to lock your Tesla! (or my Ford?)

NCC Group uncovers Bluetooth Low Energy (BLE) vulnerability that puts millions of cars, mobile devices and locking systems at risk | NCC Group Newsroom (mynewsdesk.com)

Update 18 May 2022

And then there is this in The Register:

BLE phone-as-a-key vuln allows access to Tesla Model 3 • The Register

And this in TechRepublic:

Vulnerabilities found in Bluetooth Low Energy gives hackers access to numerous devices | TechRepublic

Theory into practice.