Apple, Inc AAPL iPhone is not immune to malware attacks when it is turned off, the researchers Darmstadt University of TechnologyGermany said in a research paper titled Evil Never Sleeps.

A new type of malware developed by university researchers can infect the iPhone.

See also: How to buy Apple (AAPL) stock

Even during a user-initiated shutdown, the iPhone can be located via the Find My network, and when the battery runs low, the device goes into a low-power mode, but users can still access credit cards, student ID cards, and other items in their wallets, researchers said.

In all iPhones introduced since 2018, Bluetooth, near-field communication and ultra-wideband continue to run even after the device is switched off.

These chips can run in a low-power mode (LPM) when the iPhone isn’t responding to screen taps or shaking. The mode is activated either when the user turns off their iPhone or when iOS automatically shuts down due to a low battery level.

Because LPM support is implemented in hardware, software updates cannot remove it.

Related link: iPhone Pioneer shares an interesting model from the Steve Jobs era that never saw the light of day

“The Bluetooth and UWB chips are hardwired to the secure element in the NFC chip and store secrets that should be available in LPM,” the researchers said.

The researchers use the Bluetooth chip to load malware that runs when the iPhone is turned off.

They recommended Apple add a hardware-based battery disconnect switch, which would help privacy-conscious users and surveillance targets.

Apple is reportedly privy to the contents of the paper but has not provided feedback.

price action: Apple closed Friday’s trading session down 0.19% at $138.38 Benzinga Pro data.