New Exploit | How to Know if Your iPhone Was Hacked


New Exploit | How to Know if Your iPhone Was Hacked


For many individuals, the iPhone’s accessibility and powerful hardware make it an easy choice for conducting business, viewing finances, and storing personal data on the go.

But with such wide-spread popularity, Apple has made itself a target for hacking groups looking to crack the codes behind one of the tech industry’s most secure devices.

On January 26, 2021, Apple published patch notes that provided insight into three software vulnerabilities that, when daisy-chained together, could give hackers complete control over iPhones and iPads running iOS 14.3 or older.

While Apple has yet to provide full details on the extent of the attack, the tech giant did confirm that these vulnerabilities have already begun to be exploited by hacking organizations. But before diving into what you should be doing to protect your Apple devices and the data stored inside, let’s first take a look at why these exploits pose such a risk.

What Makes iPhones Secure?

For years, Apple engineers have worked to create a platform that balances security and usability with little to no effort placed on the shoulders of iPhone owners. Take, for example, the iPhone’s ecosystem. It relies entirely on a series of approved apps that are downloaded from Apple’s proprietary App Store. Once an iPhone app is downloaded and launched, it runs in a “sandbox” that is completely separate from all other applications. What this means is that one app cannot access data from another app, nor can it gain access to critical files held within the iPhone’s operating system. But what happens when hackers look past specific apps and specifically target the core OS of Apple’s mobile devices?

What Does the iOS 14.4 Update Fix?

As mentioned previously, this most recent exploit relied on the cohesive use of three bugs: one deeply ingrained in the core infrastructure of older OS files and two others found within Apple’s widely popular Safari browser.

While Apple has yet to release information on how hackers  are able to gain access to the core OS of iPhones and iPads, it’s clear that this first step in the exploitation process gave hackers absolutely all the data stored on  the victim’s device. And although this alone is enough to raise concern, hacking groups took their actions further when continuing their attacks with the two bugs stemming from Safari. By coupling the  OS exploit within the ones found in the Safari application, hackers gained the ability to remotely open the mobile browser, install malware, and take complete control over the device. In turn, not only does this step allow the hacker to open any unprotected app, it also gives them the full ability to send emails, texts, view pictures, and more.

Nevertheless, this exploit is not the first hack to show that Apple’s secure ecosystem can be bypassed with some creativity. Back in September of 2019, a hacking group known as eGobbler exploited a vulnerability in the Google Chrome web browser for iPhones. By bypassing the app’s pop-up blockers and strict rules for redirecting URLs, the hacking group was able to replace reputable ads with fraudulent ones, redirecting an estimated 1.1 million visitors across hundreds of sites to unsafe landing pages where users of the Google Chrome app could easily be exposed to malware.

Additionally, in December of 2020, the cybersecurity research group, Project Zero discovered an iPhone vulnerability giving would-be hackers remote access to the entire device, over Wi-Fi, without the owner ever having to touch their phone to initiate the process. To make matters worse, potential hackers could then use the radio frequencies of the infected device to infiltrate other nearby iPhones, also with no interaction needed.

What Is an AirDrop Hack?

When evaluating the primary suspect behind this exploit, research has found that it stems from what is now a resolved flaw in Apple’s mesh networking system, knowns as Airdrop. Typically, this feature is meant to allow iPhone owners to easily share pictures and other media content with other nearby iPhones; removing the need to first upload the content to a secondary cloud service for sharing.

Once infiltrated, security researchers were able to view photos, read emails, copy private messages, and monitor user activity in real time. While Apple claims to have resolved the vulnerability back in May with iOS 13.5, this exploit still depicts a frightening picture of what malicious hackers may be doing without your consent. And although a hack like this is significant for a number of reasons, it blemishes Apple’s long-standing reputation for developing software that is nearly “unhackable”.

Iphone Hack Detection

So, with no mobile antivirus in sight and profitable smartphone hacking on the rise, how can iPhone owners tell if their smartphone has been hacked?

Signs of My iPhone Has a Virus

1. Decreased Battery Life

Like all technology with rechargeable power supplies, an iPhone’s battery will lose its ability to hold a charge after just a few years. That said, if you’re struggling with battery life on a newer iPhone and are not using resource-hungry applications for long periods of time, there’s a chance your device could be running malware in the background.

2. Slow Speeds and Crashing

In the past, Apple has been known to purposefully slow down older iPhones in hopes of persuading hesitant buyers to purchase a newer device. Nevertheless, for those who own a newer model iPhone, if you notice that applications are slow to open or if you experience regular system crashes, malware could be hogging your smartphone’s processing resources.

3. High Data Usage

When malware successfully infiltrates a device, it seeks out a way to secretly send data back to the hacker responsible for the attack. While, on a laptop or desktop, software can be implemented to look for this suspicious activity, noticing this on an iPhone can be more difficult. That said, if you notice your iPhone is using more data than usual, malware could be suspect.

4. Unusual Account Activity

Whether it’s a vulnerability with the iPhone’s operating system or an exploit within a single app, if your iPhone is compromised, so are the accounts linked to it. Therefore, if you notice any unsolicited password reset or account verification emails hitting your inbox, they could be stemming from an infected iPhone.

How to Remove iPhone Malware

While it can be difficult to determine if your iPhone is compromised, if you have any inclination that it is, here are some recommendations of how you can resolve the issue.

1. Keep Your Apps and iOS Updated

When vulnerabilities are found within the iPhone’s iOS or specific applications, developers for said platforms work quickly to resolve the issues. After the security flaw is fixed, developers distribute mass updates across their user-base. Because of this, it’s important to ensure both your iPhone and it’s installed applications remain regularly updated to resolve both known and unknown security risks.

At the time of this article’s writing, current generation iPhone devices should be running iOS 14.2. To check if your iPhone is up-to-date, head to your device’s settings, tap “General”, and select “Software Update”. While you’re there, you can also set your iPhone to automatically install updates when they become available.

2. Change Your Passwords

On many occasions, app developers will notify the public if their platform has been hacked, and request that users create new passwords to secure their accounts. If that is the case, heed the warning and change the associated password immediately. Additionally, although Rocket IT strongly suggests using different passwords for each of your accounts and storing them in a password manager, should you be using the same password across multiple applications, it’s important to change those too.

3. Implement Multi-Factor Authentication

Multi-factor authentication adds another layer of security to accounts and many iPhones applications have begun integrated third-party services, such as Authy or Microsoft Authenticator, for that very reason. Simply put, MFA required individuals to enter another method of verification after using the correct username and password to login. Depending on the MFA software used, this could be a fingerprint or facial scan, static PIN, or a push notification. For more information on MFA, click here.

4. Delete Recently Installed Apps

While even well-trusted apps can fall victim to hackers, if you notice any signs of suspicious activity after downloading a new app, delete said app immediately.

5. Restrict App Permissions

When downloading a new app, many times a pop-up will appear; requesting that the iPhone’s owner give the software permission to complete various activities and collect data. For unfamiliar software, Rocket IT suggests limiting the app’s ability to track your location, access stored media, or launch the iPhone’s camera and microphone. To check a specific app’s permissions, navigate to your iPhone’s settings, scroll down to the app in question, and tap on it.

The Future of iPhone Security

The iPhone is not an easy device to hack; taking individual researchers hundreds of hours to discover even the slightest weakness within the iOS. That said, with Apple’s recent launch of it’s “Security Research Device”, the tech giant is looking to reduce the resources and time researchers need to discover new iPhone vulnerabilities before they’re exploited by malicious hacking groups.