For some reason or another we’ve always believed that iPhone devices were immune to malware and viruses. Unfortunately, we’ve noticed over the past year that hackers have now started taking an interest in our mobile terminals. This is probably not surprising. But, why not?
Well, stop for just a moment and consider how much time you spend on your iPhone. There’s your email, contact information for family and friends, personal photos, your exact GPS location, and probably a whole lot more – all readily available for access on your mobile device.
So, let’s start with your email, and consider what lands in your email box: there are bills from insurance carriers and utilities, financial communications and statements from your credit cards and bank, and not forgetting all your personal emails. With so much information available to a hacker, it’s not difficult at all for them to access your online accounts and request new passwords. And, when you request a new password, where does that request go? Yes, that’s right – they go straight to your email Inbox, where the hacker is sitting, waiting for this information to arrive. With all this information at hand, the hacker now has easy access to your online and financial data: they now have the capacity to steal your identity, wipe your existing accounts and create new ones, and chalk up thousands of dollars in new debt which ultimately shows up on your credit report. And, remember that your lenders will expect you repay these debts.
This is very scary stuff, and the reality is that a virus on your iPhone provides hackers with virtually unlimited access to your life. So, are you suddenly concerned at what you’re hearing? I hope so, because you should be very concerned!
As our iPhone’s have improved in sophistication, most users have perhaps become a little blasé about the security stored on their devices.
Do you remember earlier this fall in Hong Kong when protesters were targeted by malware that infected their iPhones? This virus was quite capable of stealing call logs, passwords, text messages, photos, GPS locations, and other forms of data from Apple mobile devices. One can only imagine how valuable this virus must have been to a Government trying to control these protesters.
Code-named Xsser, this malware was technically a Trojan horse. A link to this malware was sent as an anonymous message to WhatsApp users, and came disguised as an app to help coordinate Occupy Central protests in Hong Kong.
This virus attack shows just how simple it can be for social engineering to steal important information from iOS users. And in case you’re wondering, the words ‘social engineering‘ are just fancy words used by hackers and security experts to mean “tricking users to steal their information.”
In this particular situation, the hackers successfully tagged along on a huge newsworthy event which, in this case was a political protest, in order to gain their victims’ trust; however, it could well be something quite innocent such as a trade-show or a sporting event. The unknowing user then innocently installs the malicious app (malware), completely unaware that they’re also opening the door wide open to their own personal and private data.
So, What is a Malware?
The word ‘malware’ is a portmanteau of ‘malicious’ and ‘software’– it refers to any software that forces access to, disrupts the otherwise normal operation of, and/or gathers data from a device – generally with damaging consequences.
Malware can behave in various ways, and the severity of the infection varies as well. Variants such as Aussie-specific Torrentlocker and Cryptolocker encrypt files, then force their victims to pay a ransom in order to have their files returned. Other variants capture every key-press, then relay it to a hacker who devours the information searching for credit card details, usernames and passwords.
These malicious software varieties have always been associated with desktop operating systems. And strangely, iOS has always avoided being part of it. You may be wondering why? And the answer is that Apple have used some very clever design choices.
But what happens when you’re completely unaware that you’ve been tricked into installing malware and it’s stealing your personal data: is there any way of knowing if your iPhone has been infected?
We’re certainly not denying that the virus attack on the protesters in Hong Kong was really scary; however, there is something that every victim did which allowed the hackers to achieve their goals. The mistake they made is that they downloaded and installed an app from somewhere other than Apple’s official App Store.
It’s pretty common knowledge to anyone who uses Apple devices that Apple runs a tight ecosystem. Apple hardware only uses iOS, and the Apple App Store is the only place to purchase apps; that is, unless your iPhone device has been jailbroken.
What Does Jailbreaking Mean?
Jailbreaking is a means of unlocking under-the-hood options on iOS devices, allowing techies and tinkerers to alter options on their device.
You’re obviously aware that your iPhone is capable of some pretty amazing feats. Did you know that the iPhone you carry around with you has more computing power than the computers that put man on the moon?
But there are always going to be those people who want more from their iPhone’s. When you first purchase your new iPhone you’ll see that it comes preloaded with programs and apps that are difficult, if not impossible, to remove.
Some users simply become very frustrated with their iPhone, while others look for a way around these restrictions. Jailbreaking your iPhone is the perfect method for getting around these software restrictions.
Unfortunately, jailbreaking your iPhone could do a lot more damage than you’re prepared for. Let’s take a look at the Hong Kong protesters for example: they unknowingly installed an app that shared all their personal information with the hackers who, for all intents and purposes, could well have been Government agents cracking down on the protest.
So our first recommendation here is that you think long and hard before jailbreaking your iPhone. But it’s not as simple as that. Even non-jailbroken stock Apple devices have become vulnerable to hackers.
News broke in November last year that a new threat known as WireLurker was capable of infecting stock Apple devices.
WireLurker rather cleverly infects either a Macintosh OS X desktop or laptop computer – Apple computers don’t have their security locked down very well – then just waits patiently for an iPhone to be connected to the computer via a USB cord. Once the connection has been made, the malware is installed on the mobile device and the hacker now has easy access to steal personal data and information.
Within 24 hours Apple had responded to the WireLlurker threat with updates that supposedly block the infection’s access to the iOS.
Apple also moved quickly to update the XProtect malware scanning system that’s built into Mac computers in order to detect any WireLurker installers hiding in (what look like) legitimate programs.
If you try to open potentially risky programs that have been identified by Apple, and you have these protections in place, you’ll receive a warning from OS X recommending that you don’t run the program because it contains known malware.
Sadly, in the months before it was discovered, apps infected by WireLurker were downloaded on iOS devices at least 350,000 times.
How Do I Know if My iPhone Has a Virus?
We’ll break this question into two sections. The first is – what have you done with your iPhone; and the second is what symptoms does it have, if any?
The first question to ask is – has your iPhone been jailbroken? Devices that have been jailbroken bypass Apple’s tight security, thus leaving your device exposed to hackers: you won’t have to be a protester in Hong Kong to be hacked. If you make the decision to jailbreak your iPhone, you need to be extra careful when it comes to viruses and malware!
Next – is your iPhone showing any symptoms of infection? At this point in time there are no obvious symptoms of a WireLurker infection. However, we do know that virus-infected apps will become unstable and crash, or display other odd behavior while they’re running. Of course we’ve all installed quirky apps in the past, and they’re not necessarily a sign of malware infection. But, if you’ve run apps from risky websites or third-party app stores and they’re not running the way you anticipated, we strongly recommend that you be very cautious (and suspicious).
Viruses and Malware a Threat to iPhone?
So yes, your iPhone can become infected with malware. Realistically though, this is only possible if you jailbreak your iPhone. Don’t jailbreak it if you’re looking for a secure phone. Read into hardening if you’re looking for a super-secure iPhone.
Don’t panic if you believe that your iPhone may be infected with virus! But still, don’t take any unnecessary chances. Instead, simply follow our instructions below to wipe your device clean – now you can start over with factory settings.
- Back-up your iPhone, including all your personal data, by using iCloud
- Next, go to Settings – General – Reset
- In order to clear all apps and data from your terminal, tap ‘Erase All Content and Settings‘
- Now you need to restart your iPhone, and set it up again
- Once you’ve set-up your iPhone, sign into iCloud and restore your backed up data
- You can now download your apps from the App Store, if you so desire
Another method of factory-resetting your device is to attach your iPhone to your Mac and use the Re-store iPhone button in iTunes. The idea behind these steps is that you’ll be able to clear out all compromised programs from your device and replace them with new copies. You may lose some application settings, but your files and data should all be preserved.
Of course you can always take your iPhone to Apple’s Genius Bar if you believe that restoring your phone to factory settings didn’t work. The Genius Bar has system scanning software that’s able to detect and remove any hidden files like a virus or malware.