Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Cyp1974

macrumors newbie
Original poster
Nov 5, 2024
6
2
I think my iphone has been compromised by a virus and websites accessed without me knowing (hits have been flagged by my company wifi). Can anyone recommend a 'deepscan' software or any advice for finding out if it has some kind of malware on it. The hits did not appear on my search history. I would like to find categorical evidence to protect my job.
 
  • Haha
Reactions: watchthisspace
Many thanks but I need to know what specific virus is on my phone in order to prove it is behaving in the way it is. Is there any software that can do this?
 
In case of a restore after a wipe, you will probably restore the malware as well (even if it’s unlikely that you got one).

A better solution maybe is to wipe, configure the phone as a new iPhone and manually reinstall apps and reconfigure.
 
People, please pay attention to what the OP is asking. It is so annoying when people do not pay attention and make unrelated posts.

If this post is true in Apple discussion forum back in 2023 then iphone's cannot get viruses.


Which means something else must be going on with the iphone.

This is a good guide from NordVPN. It's title is a bit misleading because at it states in the article you cannot scan for viruses on an iphone therefore you have to carry out various types of checks on the iphone yourself

 
Were you surfing the internet when your employers had the security hits from your phone on their wifi? And was the hit you described simply that your employer's security software blocked you from visiting a site classified as malicious?

Many sites, even perfectly legitimate ones, serve banner ads delivered through an advertising network, and sometimes those ad networks deliver ads with elements or links from sites flagged as harmful.
 
  • Like
Reactions: Tagbert and chown33
Thank you for this. Yes, looking at the times that the hits occurred it was quite possible that I was surfing the internet or on Facebook etc. However, the websites that have allegedly been hit are adult ones, which I don't think would be advertised through an advertising network!
 
Working in infosec, for companies who have *TRIED* to breach the iPhone, there are no known viruses/hacks that aren't either:

1. Require extraordinary effort on the part of the user - jailbreaking-style - that would be blatantly obvious to you as they would do things like require you connect to a computer every time you reboot your phone to make it work again.
or
2. Performed using yet-undisclosed vulnerabilities - something that is basically never done against random individuals; but almost always by nation-state level actors, against specifically-targeted individuals. (Russian state intelligence service attempting to hack a specific Western reporter, for example; or US CIA attempting to hack a foreign target.)

It is near-certain that your phone was not compromised, hacked, or infected with a virus.

However, there are many scam websites, some that even show up far-earlier-than-they-should in search results, that pretend to be legit websites, and may redirect you to fake scam websites and trigger "a website you shouldn't have accessed" alerts by corporate IT defenses. But these are just websites - your history should show them; although they may show the name of the website they were pretending to be, rather than the actual name, depending on how sophisticated the scammer.


If the phone is a personally-owned device being used on the corporate network, your company should have installed "MDM" software (Mobile Device Management) to allow them to be sure your device is safe on their network, and would be able to prove in their own logs what you visited. You would need to insist on seeing those logs (if they attempt actual disciplinary action against you) to explain what they're seeing.
 
However, the websites that have allegedly been hit are adult ones, which I don't think would be advertised through an advertising network!
Yes they would, I've seen it happen. This is why I use an ad blocker for most websites these days.
 
Thanks very much AF and Iwavvns (Greek?). That's very interesting. I was trying to think back to what kinds of things I was looking at at the specific times. Are there any particular kinds of websites that have these banner ads?
 
Thanks very much AF and Iwavvns (Greek?). That's very interesting. I was trying to think back to what kinds of things I was looking at at the specific times. Are there any particular kinds of websites that have these banner ads?
I retired from a web development a few years ago, so things may be different these days. It used to be that a Web developer didn't get to pick and choose which advertisements are shown on their website, they have to trust that the advertisement network will only allow a certain type/class of advertisement in the rotation. I have seen adult advertisements "slip through the cracks" and you may have fallen victim to this very slippage. Lots of websites use advertisement networks these days, especially the popular websites, as a cost-cutting measure.

I addressed your Greek question in a private conversation.
 
Thanks again, Iwavvns. A couple of questions. Would the adverts show up on my search history or would it be just the websites I visited. Also, why wouldn't this happen more often with other people? Am I just 'unlucky'?!
 
Thanks again, Iwavvns. A couple of questions. Would the adverts show up on my search history or would it be just the websites I visited. Also, why wouldn't this happen more often with other people? Am I just 'unlucky'?!
I don't believe the adverts themselves would show up in search history. Advertising networks handle advertisements from hundreds of organizations and their ads need to be in a rotation system so that all advertisements get equal time on websites. if something is in your search history it is because someone entered it to search for it at one time or another.
 
Did they tell you which sites they were, or just that you've been hitting adult websites? If not, maybe ask what sites they were and verify they are indeed adult web sites. My company's filtering software would sometimes flag legitimate sites incorrectly and we'd have to ask the vendor to review and recategorize those sites.

Another thing... Did you receive any junk mail or texts for such kind of sites. The email loading could pull content from those sites. Same with web site previews in Messages. Neither of which would show up in your browser history.
 
Did they tell you which sites they were, or just that you've been hitting adult websites? If not, maybe ask what sites they were and verify they are indeed adult web sites. My company's filtering software would sometimes flag legitimate sites incorrectly and we'd have to ask the vendor to review and recategorize those sites.

Another thing... Did you receive any junk mail or texts for such kind of sites. The email loading could pull content from those sites. Same with web site previews in Messages. Neither of which would show up in your browser history.
Yes, false positives.. good point. I see those now and then too.
 
  • Like
Reactions: Cyp1974
Thanks again for all this. Yes I did receive some junk from some adult sites, so that might be a factor. The problem is how do I actually prove this? Most feedback is saying that the behaviour is very unlikely to be a virus, so a deep-scan will not reveal anything. There are digital forensic people (expensive) but I am not sure whether they would reveal anything either. Can digital forensics reveal all browsing history, for example? Has anyone had any experience with this?
 
  • Haha
Reactions: Fred Zed
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.