Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Other Can you get a virus on iPhone?

T

ThatiPhoneKid

macrumors 6502a
Original poster
Aug 15, 2017
984
665
I was on my iPhone today and pressed on a link for a recipe, then it took me to a shady looking website and I imminently exited... I was wondering if my iPhone can get malware, spyware, viruses or keyloggers?

My phone is not jail broken

Thanks
 
That statement is no longer true.
Yes, while very uncommon, it's now possible for a nefarious website to infect an iPhone running any version of iOS. The good ole days are gone. To believe you're immune from malware just cuz it's an iPhone is foolish.
 
  • Like
Reactions: mhdena, Shirasaki and ruslan120
It is technically posible but very unlikely, especially without explicitly allowing a profile through the Settings app. Most malicious software would also not not persist a reboot, so restart it and it’s clean. No need to worry just because there’s been a dodgy site. Most dodgy sites aren’t about malware either. They’re more about tricking you to willingly give up info
 
  • Like
Reactions: ApfelKuchen
casperes1996 said:
It is technically posible but very unlikely, especially without explicitly allowing a profile through the Settings app. Most malicious software would also not not persist a reboot, so restart it and it’s clean. No need to worry just because there’s been a dodgy site. Most dodgy sites aren’t about malware either. They’re more about tricking you to willingly give up info
Click to expand...
Thank you all
[automerge]1572207511[/automerge]
What is Malware?
 
ThatiPhoneKid said:
What is Malware?
Click to expand...

A compound word, combining the words malicious and software. Malware is sort of an umbrella term covering many more specific terms that go into the behaviour of the malicious software. Anything from adware (injects extra ads to earn money), vira (self replicating program that injects its own code into other components), ransomware (encrypts user data and demands a ransom to decrypt it), key loggers and so forth. Some are more or less feasible on different platforms. iOS is generally really quite safe, and whilst there certainly are ways of exploiting iOS, I wouldn't really worry about it if I were you. At most reboot if you're scared of anything. The exploits that jailbreaking use and such, which could theoretically be used for developing certain malicious software, does not persist a reboot (generally speaking), because it's only injected into temporary data layers, and not written to permanent storage. You could also clear Safari data if you want to be extra on the safe side, but I find it very unlikely that anything gets persistence on the system for you. Two and a half years ago I did a whole project on iOS security. As with anything in computing, nothing is unbreakable. But you're not vulnerable enough that you need to be concerned unless you're the prime minister of a country or something that there's a target on your back ;).
 
  • Like
Reactions: Shirasaki and EedyBeedyBeeps
now i see it said:
That statement is no longer true.
Yes, while very uncommon, it's now possible for a nefarious website to infect an iPhone running any version of iOS. The good ole days are gone. To believe you're immune from malware just cuz it's an iPhone is foolish.
Click to expand...

I don’t believe this true - on modern iOS versions. Link to evidence or article describing this?
 
ThatiPhoneKid said:
How do check to make sure there are no key loggers or spyware on my phone
Click to expand...

You can't really check per se. Well made malware is undetectable. Reboot, stay updated with iOS, and you're good. Apple also regularly updates their database of malware definitions, often if possible silently, which will prevent known malware of any kind running on the devices.
 
apps.apple.com

‎Malwarebytes Mobile Security

‎Block scams and secure your smartphone or tablet. Our powerful app scans for robocallers and spammers, and aggressively detects fake texts, phishy links, malicious sites, and annoying ad trackers. Why Malwarebytes? • Award-winning technology that is proven to reduce scams, robocalls, phishing...
apps.apple.com

If your worried, MalwareBytes will give you web protection.

Includes call protection and text filtering.

Free AD blocking is what I originally downloaded it for, then got the full program.

The ad blocking is so helpful especially with Google Chrome. On Safari I don’t even realize there’s ads running even on popular websites that push them.
 
now i see it said:
Here you go...

arstechnica.com

Armed with iOS 0days, hackers indiscriminately infected iPhones for two years

Attackers installed malware that stole passwords, log-in credentials, and much more.
arstechnica.com arstechnica.com
Click to expand...

From a technical perspective this article is poorly written, even though it's from a reputable source. I don't dispute the legitimacy of the claims, but it's written with hyperbole and scaremongering to an unnecessary degree, as well as a severe lack of technical explanation and understanding, just the way the heap is described for instance. Also, nothing in here explicitly makes any of this out to be a virus. Though it definitely sounds like they use the BootROM exploit newer jailbreaks also take advantage of. As mentioned both previously by me and the article, it does not persist a reboot. It also doesn't work every time, as it's based on a memory interaction side-channel vulnerability, which sometimes gets you access to unprotected memory, sometimes gives you a segfault crashing the code that's trying to exploit the device.

Nothing in tech is impenetrable. Users should still be aware. iOS is still very secure and if you stay updated and don't install untrusted developer profiles, you're not really at risk. Maybe if you live under a totalitarian government repressing its people, sure. But that's still not vira they use then.
 
ThatiPhoneKid said:
How do check to make sure there are no key loggers or spyware on my phone
Click to expand...
Because of the walled garden nature you have no way to check if there is any keylogger or spyware. But, believe it or not, Apple’s own remote assistant software can be repurposed as spyware because activating it does not require user input from device, a.k.a., no prompt. It can also record every single move on your screen.

So, yes, iPhone can get malware or maybe virus. And once infected, you have very limited options to remove them. The key is to be vigilant all the time and never believe “iOS is impenetrable”.
 
Shirasaki said:
Because of the walled garden nature you have no way to check if there is any keylogger or spyware. But, believe it or not, Apple’s own remote assistant software can be repurposed as spyware because activating it does not require user input from device, a.k.a., no prompt. It can also record every single move on your screen.
Click to expand...

That is not "because" of the "walled garden". Well crafted malware can be impossible to detect on any platform
 
casperes1996 said:
That is not "because" of the "walled garden". Well crafted malware can be impossible to detect on any platform
Click to expand...
True. What I am talking about is possible methods an end user can do to find and remove the malware without erasing all data or doing something similar. Windows is fairly open and I can install various tools to find and remove the malware if I need to. On iOS, I don’t have such options.
 
Shirasaki said:
True. What I am talking about is possible methods an end user can do to find and remove the malware without erasing all data or doing something similar. Windows is fairly open and I can install various tools to find and remove the malware if I need to. On iOS, I don’t have such options.
Click to expand...

Right. Sort of. Apple regularly updates their own XProtect definitions. This doesn't even always require an update, and Apple's platforms will automatically carry out any functionality offered by other anti-malware programs on other platforms for clearing out any malware found by XProtect. You may not have direct user input on the case, but that doesn't necessarily mean that the security isn't there in the same way. Besides, malwareBytes, Norton, AVG, McAfee, etc. don't find everything, and also have false positives. Ultimately, isn't it better that the XProtect system is native to the OS and entirely transparrent to the user? Most people don't even know what XProtect is, and no need to interact with it. Yet it protects you from defined malware same as these other programs do. Honestly I trust an iOS device to be clean of malware more than I do a Windows PC with McAfee or any of the others. If none of the anti-malware programs on Windows or whatever can find the malware, you can't do anything either until they update their definitions. Your situation isn't much different with XProtect on iOS, except for awareness if it ever does detect something.
 
I went on a website today and it redirected me to an unknown Russian website, I quickly exited it but I’m worried this may have infected my iPhone? As I exited it before it fully loaded should it be ok?
 
There aren't any [known] persistent malware viri in the wild that can permanently infect iOS when just visiting a website. But there have been websites that DID infect iPhones with spyware just by visiting them - but the malware wasn't persistent and just by restarting the phone got rid of it.

When in doubt or paranoid, restart the iPhone. I try to do it once a day anyway just to keep it running smoothly.
 
ThatiPhoneKid said:
I went on a website today and it redirected me to an unknown Russian website, I quickly exited it but I’m worried this may have infected my iPhone? As I exited it before it fully loaded should it be ok?
Click to expand...
Seems like the same answers provided before (earlier in the thread) in relation to this kind of thing still apply.
 
ThatiPhoneKid said:
I was on my iPhone today and pressed on a link for a recipe, then it took me to a shady looking website and I imminently exited... I was wondering if my iPhone can get malware, spyware, viruses or keyloggers?

My phone is not jail broken

Thanks
Click to expand...

If you let a sick person use it, you could certainly get a virus from it.
 
  • Haha
Reactions: brgjoe
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back