You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Malware/spyware surviving factory reset

Hi all,


I have obvious evidence that my phone is infected with malware, as in every sensitive info I put in it invariably gets stolen: passwords, usernames, credentials, you name it, the stuff gets used to access some of my online accounts for intent of impersonation, fraud, vandalism, etc.


As far as I can tell the phone is not jailbroken nor has even been since no one else than I has had physical access to it ever since I purchased it several years ago. At least that would be the official theory since one absolutely needs physical access to install a jailbreak, right?


I think not. I suspect that connecting a phone to a computer infected with a properly coded malware (most likely a rootkit) can get the device jailbroken then infected with malicious firmware code. As the user notices signs of malware he or she resets their phone thinking they had thus gotten rid of the problem... until they notice the fraudulent activity is still active and that, no matter how many times they reset the handset.


So my question is twofold:


1) Is that scenario an actual possibility?


2)If so how do I get rid of it, I suppose the only remedy is to trash the phone, get a new one that I'll never connect to anything else lest I'm 100% sure they're clean? I hope I'm wrong, 'cause I like this phone with its home button/print scanner, with real headphone jack backed with the best DSP-friendly DAC Apple has ever used.


Thanks in advance,


KK

Posted on Dec 18, 2020 5:22 PM

Reply
Question marked as Top-ranking reply

Posted on Dec 18, 2020 6:38 PM

Have you done anything to secure your AppleID? It is much, much more likely that your AppleID is compromised than anything with your device was hacked. See -> If you think your Apple ID has been compromised - Apple Support


If someone has hacked your AppleID they don’t care one wit about your devices. They are stealing your information from your online account, regardless of what Apple devices you have, use or what you do with them.


99.9999999% of the time when people claim their Apple iPhone or other device has been “hacked” is nothing of the sort. It is their AppleID that is compromised. When someone has access to your AppleID they have access to all your information on your Apple accounts - your iCloud email, Keychain, messages, FaceTime history, your iCloud backup (which they can restore to their own device as they can login as you), etc.

Similar questions

1 reply
Question marked as Top-ranking reply

Dec 18, 2020 6:38 PM in response to KavemanKarl

Have you done anything to secure your AppleID? It is much, much more likely that your AppleID is compromised than anything with your device was hacked. See -> If you think your Apple ID has been compromised - Apple Support


If someone has hacked your AppleID they don’t care one wit about your devices. They are stealing your information from your online account, regardless of what Apple devices you have, use or what you do with them.


99.9999999% of the time when people claim their Apple iPhone or other device has been “hacked” is nothing of the sort. It is their AppleID that is compromised. When someone has access to your AppleID they have access to all your information on your Apple accounts - your iCloud email, Keychain, messages, FaceTime history, your iCloud backup (which they can restore to their own device as they can login as you), etc.

Malware/spyware surviving factory reset

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.