You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

💡 Did you know?

⏺ If you can't accept iCloud Terms and Conditions... Learn more >

⏺ If you don't see your iCloud notes in the Notes app... Learn more >

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Remote installation of spyware in iPhone

I found a hacker which claims can install a spyware remotely in iPhone just with the help of mobile number

Posted on Mar 20, 2019 6:00 AM

Reply
18 replies

Mar 21, 2019 11:13 AM in response to IdrisSeabright

My understanding, at least with GSM networks though was that cloning the number required physical access to the SIM to clone it?


I know before the network connections were digital, one could sniff ESN/MIN numbers from the airwaves with the right monitoring equipment and clone a connection that way, but that was long time ago. But nowadays with radio signal fingerprinting and other safe guards, how technically challenging would it be to actually clone a cell number and network connection purely over the air, and then you’d have to fine-tune your cloned transmitter to duplicate the originals transmission fingerprint too?

Mar 20, 2019 2:25 PM in response to Dm100h

Through imei number he say will clone the phone he said he would need phone number or email Address associated with the phone or IP address

What he claims he can do and what is actually possible are two very different things. He can't clone the phone number with those bits of information. He can't remotely install anything with that information.


If, however, he has your Apple ID and password, he can get access to a lot of your information. He could use that information to make you think he had installed spyware.

Mar 21, 2019 7:35 AM in response to Dm100h

If you believe him, pay the money and find out for sure. A fool and his money are every scammers wish. People claim ridiculous things every day - someone claiming something can be done does not make it true.


The only way to clone a phone is to have the phone you want to clone in your physical possession. There is no means of remote cloning any cellular telephone. And cloning a device has nothing at all to do with installing anything on the cloned device - it remains unchanged, with no spyware/malware installed at all.


If one has a device in hand, has the necessary hardware (cloning requires specialized hardware) and knowledge, then yes, a device can be cloned. That would let the person with the cloned handset listen to calls and SMS texts coming in to the original. It does not, however, allow them to see any information nor data on the original device, nor to intercept anything coming to or being sent by the original over the internet.


But none of that can be done remotely to any cellular telephone, regardless of whatever numbers, hardware IDs, network IDs etc that the hacker may know of.

Mar 21, 2019 8:04 AM in response to Dm100h

First off, the “dark web” is just an idiotic phrase that advertisers and marketing came up with to market security software. It is all just the internet or World Wide Web, period. I hate terms like dark or deep web - they have been invented for no other reason than to frighten people into spending their money on software and services they wouldn’t need if they were just a little more careful with their own confidential information.


And most people who find their identity compromised online find it happened because their passwords and information was phished (and then shared), or hacked from companies servers (everything from government databases to banks, credit bureaus, retail store chains, Sony, yahoo, Amazon, Google - they have all experienced security breaches and “security” of your data, stored by others, is often a not very funny joke). Or stolen along with unsecured mobile devices.


People are notoriously lax about their own personal information’s security. They use one password for everything and often it’s an easily guess or cracked password. They share passwords. They post password on sites without thinking. They immediately respond to every phishing email or text they receive without pausing for a moment to question if they are legitimate. They refuse to implement advanced security like two factor logins because it’s too inconvenient.


Much of the so-called “dark web” would stutter to a halt in a day if people were not so lax with their own online accounts and security.


A few years ago, the FBI reported that they estimated at least 30%-40% of all smart phone theft was motivated by the data in unsecured devices. Things like plain text notes of passwords and logins on devices with no local passcode enabled. And Pew research reported that an estimated 25%+ of all smartphone and tablet users do not secure their devices with a password.


In many ways, identity theft and personal data as a growth crime industry only exist because people refuse to educate themselves and act intelligently to secure their own data. They value convenience far above security, and refuse to acknowledge those two things are mutually exclusive.


Thats not not to say companies and agencies (e.g. credit bureaus don’t even implement basic data sanity checks, like more than one SSN assigned to any one person) with lax security of our data that they store are not also to blame, but the blame does not lie solely with them.

Mar 21, 2019 9:09 AM in response to Dm100h

Everything I wrote above applies to anyone using any computing device running any operating system.


As to Android operating system security, I have no idea. I don’t use Android devices.


I do know that an android cell phone can only be cloned remotely if using a quite old release of Android (with a BT exploit that was patched long ago) or again, only by someone having direct physical access to the device to get into it and alter certain default security settings first.

Mar 21, 2019 9:29 AM in response to Michael Black

I do know that an android cell phone can only be cloned remotely if using a quite old release of Android (with a BT exploit that was patched long ago) or again, only by someone having direct physical access to the device to get into it and alter certain default security settings first.

The ability to remotely clone a mobile number was pretty much shut down years ago by the cellular carriers. When I first started in the industry in the mid-nineties, it was still a big problem. By the time I left in 2016, it had been years since I heard of an occurrence.

Mar 21, 2019 10:34 AM in response to IdrisSeabright

That’s good to know. The problem is their are sites like dr.fone that provide access to simply “spyware” tools and instructions that make people think this stuff is simple, routine and common. Admittedly even wondershare specifies that their tools/instructions require someone to have the iPhone or android phone in their very hands, but people speed reading with fear in their minds already skip over those details.


Or that most if these commonly downloadable cloning tools are used primarily by people trying to salvage a damaged phone to setup a replacement, not spy on anyone. And with any iPhone since the introduction of activation lock, they require physical access to the phone, as well as knowing the AppleID and password used for activation lock. Unfortunately wondershare and other sites list their tools and instructions along with articles on SIM cloning and other hacks, so non-tech oriented people end up coming away with nothing more than heightened fear and paranoia about their devices and data. And thinking everything they’ve read can be done remotely over the air, and without their knowledge.


Reminds me of Sandra Bullock in “the net” in 1995 apparently achieving MiB/s transfer speeds out of her dial-up 56 kbit/s modem - people who’d never used a PC or Mac really thought that was how the internet worked then. All you needed was a 3.5” floppy, some simple knowledge of BASIC and a modem and you could hack the world! That same uninformed fear and paranoia lives on to this day.

Mar 21, 2019 10:40 AM in response to Michael Black

If, by "cloning" people mean make a copy of the data on the phone, that would definitely require the phone in hand and would be made difficult if the phone were locked.


When I first started in cellular, people would come in with phone bills with pages and pages of calls they hadn't made (pretty obvious when one call was made from L.A. and the next call, a minute later was made from a city hundreds of miles away. We would occasionally have to do some support for the local Secret Service agents (for some reason, cloned phones were their jurisdiction).

Remote installation of spyware in iPhone

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.