iPhones do Carry Spyware – Here’s How to Keep Yours Safe!

Featured article by John Smith, Independent Technology Author

One of the most overused and untrue urban myths out there about smartphones is that iPhones do not need antivirus protection because they cannot be infiltrated by malware, spyware, or any other form of bad agent.

Try telling that to the millions of iPhone owners who had their smartphones hacked by spyware via WhatsApp vulnerability recently.

iPhone proponents and Apple marketing executives boldly claim their products are immune to nearly all forms of malware because of the process of sandboxing.

In a nutshell, sandboxing means that Apple products keep all their apps in one “sandbox” while all of the system information is in another, and there is no pathway between one and the other. Theoretically, that would keep any malware that enters an Apple product through a third-party app from ever being able to breach the product’s system.

The WhatsApp breach is not the first time that the sandboxing method has failed to protect iPhone users.In April 2019, a vulnerability in the iPhone’s Chrome web browser was used by a threat actor hailing by the name of eGobbler to insert malicious advertising onto the devices.

Spyware by the Numbers

An overwhelming amount of malware, including spyware, has the task of going after Android-based phones. Why? Because Android is the runaway market share leader when it comes to smartphones. As of June 2019, Android was the world’s global leader in mobile operating systems with 76.03% of the total. By comparison, iOS has 22.04% of the market, and no other company has more than 1%.

But the misconception that iOS devices are immune is what makes the practice of constructing malware for them so appealing to some threat actors. iPhone users get overconfident when they think their phones are untouchable, and take risks they would otherwise not.

Checking for Spyware on an iPhone

There are three common types of spyware attacks on iPhones , and there is plenty of software to avoid spyware attacks. The first is the masque attack, which lulls the user into believing a message is coming from a trusted app. When the user accepts an invite to upgrade said app, the spyware comes into the system along with a bogus installation. The trick to identifying these masque attacks is often in the name of the manufacturer of the app. Take a few seconds and confirm that the name of the manufacturer offering you an upgrade matches the original app’s creators. If the names are different, you are likely dealing with a scam artist.

The second common form of launching spyware on an iPhone is called an iCloud Backup Attack. Hackers use specialized (and illegal) spy software to hack your iCloud credentials. Once they’ve broken in, they can access all sorts of private information including every single thing that has passed through an iPhone since time began. Be on the lookout for requests from iCloud to change your password. Report any threats to iCloud support so they can be on the lookout as well.

The third iPhone spyware type is Spy App infestation. These are usually offered by third parties outside of the Apple store, which does a rigorous job of vetting what it lets in. If you’re going outside the boundaries of smart iPhone use, you’re putting yourself at risk.

Regardless of the source of iPhone spyware, these symptoms will always tell you if your smartphone is feeling the pressure of spyware:

1)     Battery overheating: All that extra energy is from the spyware sending everything you do back to its HQ.

2)     Frequent, unrequested Internet connection: That’s the spyware trying to report back its findings.

3)     Frequent Apple Login requests: The spyware has established itself and now wants the crown jewels. Don’t give in!