New Exploit | How to Know if Your iPhone Was Hacked

iphone_hack

New Exploit | How to Know if Your iPhone Was Hacked

iphone_hack

For many individuals, the iPhone’s accessibility and powerful hardware make it an easy choice for conducting business, viewing finances, and storing personal data on the go.

But with such wide-spread popularity, Apple has made itself a target for hacking groups looking to crack the codes behind one of the tech industry’s most secure devices.

On December 1, 2020, the cybersecurity research group, Project Zero discovered an iPhone vulnerability giving would-be hackers remote access to the entire device, over Wi-Fi, without the owner ever having to touch their phone to initiate the process. To make matters worse, potential hackers could then use the radio frequencies of the infected device to infiltrate other nearby iPhones, also with no interaction needed.

What Is an AirDrop Hack?

When evaluating the primary suspect behind this exploit, researched found that it stems from what is now a resolved flaw in Apple’s mesh networking system, knowns as Airdrop. Typically, this feature is meant to allow iPhone owners to easily share pictures and other media content with other nearby iPhones; removing the need to first upload the content to a secondary cloud service for sharing

Once infiltrated, security researchers were able to view photos, read emails, copy private messages, and monitor user activity in real time. While Apple claims to have resolved the vulnerability back in May with iOS 13.5, this exploit still depicts a frightening picture of what malicious hackers may be doing without your consent. And although a hack like this is significant for a number of reasons, it blemishes Apple’s long-standing reputation for developing software that is nearly “unhackable”.

What Makes iPhones Secure?

For years, Apple engineers have worked to create a platform that balances security and usability with little to no effort placed on the shoulders of iPhone owners. Take, for example, the iPhone’s ecosystem. It relies entirely on a series of approved apps that are downloaded from Apple’s proprietary App Store. Once an iPhone app is downloaded and launched, it runs in a “sandbox” that is completely separate from all other applications. What this means is that one app cannot access data from another app, nor can it gain access to critical files held within the iPhone’s operating system. Because Apple has developed a platform in such a way, it has refrained from allowing antivirus developers from launching applications within the App Store.

Nevertheless, this exploit is not the first hack to show that Apple’s secure ecosystem can be bypassed with some creativity. Back in September of 2019, a hacking group known as eGobbler exploited a vulnerability in the Google Chrome web browser for iPhones. By bypassing the app’s pop-up blockers and strict rules for redirecting URLs, the hacking group was able to replace reputable ads with fraudulent ones, redirecting an estimated 1.1 million visitors across hundreds of sites to unsafe landing pages where users of the Google Chrome app could easily be exposed to malware.

Was My iPhone Hacked?

So, with no mobile antivirus in sight and profitable smartphone hacking on the rise, how can iPhone owners tell if their smartphone has been hacked?

Signs of My iPhone Has a Virus

1. Decreased Battery Life

Like all technology with rechargeable power supplies, an iPhone’s battery will lose its ability to hold a charge after just a few years. That said, if you’re struggling with battery life on a newer iPhone and are not using resource-hungry applications for long periods of time, there’s a chance your device could be running malware in the background.

2. Slow Speeds and Crashing

In the past, Apple has been known to purposefully slow down older iPhones in hopes of persuading hesitant buyers to purchase a newer device. Nevertheless, for those who own a newer model iPhone, if you notice that applications are slow to open or if you experience regular system crashes, malware could be hogging your smartphone’s processing resources.

3. High Data Usage

When malware successfully infiltrates a device, it seeks out a way to secretly send data back to the hacker responsible for the attack. While, on a laptop or desktop, software can be implemented to look for this suspicious activity, noticing this on an iPhone can be more difficult. That said, if you notice your iPhone is using more data than usual, malware could be suspect.

4. Unusual Account Activity

Whether it’s a vulnerability with the iPhone’s operating system or an exploit within a single app, if your iPhone is compromised, so are the accounts linked to it. Therefore, if you notice any unsolicited password reset or account verification emails hitting your inbox, they could be stemming from an infected iPhone.

How to Remove iPhone Malware

While it can be difficult to determine if your iPhone is compromised, if you have any inclination that it is, here are some recommendations of how you can resolve the issue.

1. Keep Your Apps and iOS Updated

When vulnerabilities are found within the iPhone’s iOS or specific applications, developers for said platforms work quickly to resolve the issues. After the security flaw is fixed, developers distribute mass updates across their user-base. Because of this, it’s important to ensure both your iPhone and it’s installed applications remain regularly updated to resolve both known and unknown security risks.

At the time of this article’s writing, current generation iPhone devices should be running iOS 14.2. To check if your iPhone is up-to-date, head to your device’s settings, tap “General”, and select “Software Update”. While you’re there, you can also set your iPhone to automatically install updates when they become available.

2. Change Your Passwords

On many occasions, app developers will notify the public if their platform has been hacked, and request that users create new passwords to secure their accounts. If that is the case, heed the warning and change the associated password immediately. Additionally, although Rocket IT strongly suggests using different passwords for each of your accounts and storing them in a password manager, should you be using the same password across multiple applications, it’s important to change those too.

3. Implement Multi-Factor Authentication

Multi-factor authentication adds another layer of security to accounts and many iPhones applications have begun integrated third-party services, such as Authy or Microsoft Authenticator, for that very reason. Simply put, MFA required individuals to enter another method of verification after using the correct username and password to login. Depending on the MFA software used, this could be a fingerprint or facial scan, static PIN, or a push notification. For more information on MFA, click here.

4. Delete Recently Installed Apps

While even well-trusted apps can fall victim to hackers, if you notice any signs of suspicious activity after downloading a new app, delete said app immediately.

5. Restrict App Permissions

When downloading a new app, many times a pop-up will appear; requesting that the iPhone’s owner give the software permission to complete various activities and collect data. For unfamiliar software, Rocket IT suggests limiting the app’s ability to track your location, access stored media, or launch the iPhone’s camera and microphone. To check a specific app’s permissions, navigate to your iPhone’s settings, scroll down to the app in question, and tap on it.

The Future of iPhone Security

The iPhone is not an easy device to hack; taking individual researchers hundreds of hours to discover even the slightest weakness within the iOS. That said, with Apple’s recent launch of it’s “Security Research Device”, the tech giant is looking to reduce the resources and time researchers need to discover new iPhone vulnerabilities before they’re exploited by malicious hacking groups.

Posted in , ,