im worried that i downloaded malware onto my current iphone X and my past iphone SE. Neither were jailbroken but i did download something off the web. Im worried that when i downloaded a spoofed version of pokemon go and im worried that i might have given a hacker access to my phone. Is this possible? could it give a hacker access to my photos or camera because of a web download? any advice would be appreciated i am very worried
belela777 wrote:
so just to make sure i understand i can only download malware if my phone was jailbroken?
You can download malware regardless of whether your iPhone was jailbroken. It's quite rare, but there's a big business in breaches. And some folks here are targets—dissidents, political activists, senior politicians, and those with access to sensitive information or extensive wealth.
Here, you can continue to focus on whatever happened (and that's far from clear to me), or you can learn from it and can work to improve the areas where your existing security is weaker.
Passwords and password re-use and password disclosures are a larger risk for most (all?) of us than might be the (unlikely) chance you've actually managed to be targeted by some malware.
I'd encourage enabling two-factor authentication, if not already configured, and here is some additional related reading around better-securing your whole environment:
Checklist: If you want to see if anyone else has access to your device or accounts - Apple Support
Checklist: If you want to make sure no one else can see your location - Apple Support
Checklist: If you want to stop sharing with someone whom you previously shared with - Apple Support
Device and Data Access when Personal Safety is At Risk
belela777 wrote:
so just to make sure i understand i can only download malware if my phone was jailbroken?
You can download malware regardless of whether your iPhone was jailbroken. It's quite rare, but there's a big business in breaches. And some folks here are targets—dissidents, political activists, senior politicians, and those with access to sensitive information or extensive wealth.
Here, you can continue to focus on whatever happened (and that's far from clear to me), or you can learn from it and can work to improve the areas where your existing security is weaker.
Passwords and password re-use and password disclosures are a larger risk for most (all?) of us than might be the (unlikely) chance you've actually managed to be targeted by some malware.
I'd encourage enabling two-factor authentication, if not already configured, and here is some additional related reading around better-securing your whole environment:
Checklist: If you want to see if anyone else has access to your device or accounts - Apple Support
Checklist: If you want to make sure no one else can see your location - Apple Support
Checklist: If you want to stop sharing with someone whom you previously shared with - Apple Support
Device and Data Access when Personal Safety is At Risk
So was what you downloaded an app, or just a link in Safari? Did you provide any personal information along the way, such as credit card, social security, name, address, email address, Apple account information?
If it wasn't an App and you didn't give whatever it was you accessed ANY personal information, it's very unlikely they were able to access anything on your phone.
I do agree with MrHoffman and suggest you change passwords for any applications which have important access for you.
Otherwise, iPhone iOS is a sandbox operating system which is very difficult to penetrate, unless your phone was jailbroken, but you already confirm was NOT.
Definitely go to Settings > Safari > Clear History and Website Data at a minimum. I do hope this reminds you to be careful with any computing device and not click on sites which you are not familiar with, regardless of whether it's on iPhone or a computer. Overall, I suspect you're just fine.
There is a hack that allows you to go around the app store and install an app by putting a managed profile on your iPhone. If you went this route go to Settings > General and scroll down until you either see an MDM or Profile. Delete either one then the app. And yes adding an app in this manner does give them access to information on your iPhone.
If you wish to be assuaged about your particular device, nobody here can offer that. Not with certainty. Security is never absolute.
If your "one more question" here is "how do I better secure my device and my Apple ID?", we can help you with that.
We can provide you with suggestions to upgrade your security. Which would start with two-factor authentication and robust and unique passwords, among other changes in how you utilize your device. Not loading apps from other than the app store, too—or whatever sequence was originally reported here and started off this thread.
Apple does indicate when apps use the microphone and camera. How robust those indications and those protections might be? Donno. Pretty good, yes. Absolutely certain? Probably not.
Here? You're likely just fine. But if you're a valuable target for somebody, you may not be just fine. And if your passwords are re-used or exposed or are otherwise weak, you're headed for trouble.
IdrisSeabright wrote:
MrHoffman wrote:
iPhone and iPad exploits are fairly rare, and targeted. And are still fairly expensive. A full-stack exploit with persistence was worth USD$2 million or more, when last I checked.
But iPhone and iPad malware exists.
I think the important take away is that yes it exits; no, there is almost zero likelihood that anyone posting here asking about whether their phone has been hacked has actually had their phone hacked. People usually have other, much more mundane issues that should be focused on. There is a non-zero chance that, if I have a rash, it's small pox. But, I bet my doctor will explore some other options first. Theoretical discussions of theoretical exploits, no matter how interesting (and they certainly are very interesting!) probably aren't going to solve the immediate issue. I will certainly continue to answer that, if a phone isn't jailbroken, the problem is almost certainly not malware.
Things may change but until they do....
I'm with you and I'm sure deggie too. The vast majority (99.999999999999999%) of posters coming here asking if they've been hacked are posters who clicked on something, realizing they probably shouldn't have and are now concerned they've been hacked. The chances are as we know extraordinarily remote and I see no reason to share abstract information with people who didn't even know a non jailbroken iPhone is almost always not hacked. And the above example from Mr Hoffman, while interesting is by far and large academic and there have been no (at least to our knowledge on these here parts) exploitations in the wild. Certainly not with an average user who clicks on a phishing scam.
lobsterghost1 wrote:
IdrisSeabright wrote:
MrHoffman wrote:
iPhone and iPad exploits are fairly rare, and targeted. And are still fairly expensive. A full-stack exploit with persistence was worth USD$2 million or more, when last I checked.
But iPhone and iPad malware exists.
I think the important take away is that yes it exits; no, there is almost zero likelihood that anyone posting here asking about whether their phone has been hacked has actually had their phone hacked. People usually have other, much more mundane issues that should be focused on. There is a non-zero chance that, if I have a rash, it's small pox. But, I bet my doctor will explore some other options first. Theoretical discussions of theoretical exploits, no matter how interesting (and they certainly are very interesting!) probably aren't going to solve the immediate issue. I will certainly continue to answer that, if a phone isn't jailbroken, the problem is almost certainly not malware.
Things may change but until they do....
I'm with you and I'm sure deggie too. The vast majority (99.999999999999999%) of posters coming here asking if they've been hacked are posters who clicked on something, realizing they probably shouldn't have and are now concerned they've been hacked. The chances are as we know extraordinarily remote and I see no reason to share abstract information with people who didn't even know a non jailbroken iPhone is almost always not hacked. And the above example from Mr Hoffman, while interesting is by far and large academic and there have been no (at least to our knowledge on these here parts) exploitations in the wild. Certainly not with an average user who clicks on a phishing scam.
I might quibble about the details but do agree with you, and look forward to you correcting those here that lie about malware not existing for iPhone and iPad.
Safari can't download an actual App. Safari can provide a pointer to the Apple App Store for an app to be downloaded. Check the App Store for the app and see if it's there. What is the name of the app?
deggie wrote:
Given the latest release please list the current malware that can be downloaded from somewhere on an iPhone bypassing the App Store while not jailbroken?
Some of what is happening:
https://www.internetsociety.org/resources/doc/2020/fact-sheet-government-hacking/
https://www.nacdl.org/Content/Government-Hacking
https://citizenlab.ca/2016/08/million-dollar-dissident-iphone-zero-day-nso-group-uae/
There's a big business in purchasing exploits for resale to governments and others, too. The current public offer for a full-chain iPhone exploit with persistence is two million US dollars. Those exploits are then incorporated into products which are sold to various well-funded customers.
Apple is counter-offering substantial sums to acquire those same security exploits.
https://developer.apple.com/security-bounty/
If you want to know some of what is available now, wait for the next round of Apple security patches. It's not like we get security patches in a vacuum, after all. And for those that do have or have sold these exploits, the details are usually (always?) covered by a confidentiality or disclosure agreement.
And most of us are just not targeted by these tools—there's disclosure risk in using these tools, meaning the vendor can detect and fix the flaw, rendering the tool less valuable.
MrHoffman wrote:
iPhone and iPad exploits are fairly rare, and targeted. And are still fairly expensive. A full-stack exploit with persistence was worth USD$2 million or more, when last I checked.
But iPhone and iPad malware exists.
I think the important take away is that yes it exist; no, there is almost zero likelihood that anyone posting here asking about whether their phone has been hacked has actually had their phone hacked. People usually have other, much more mundane issues that should be focused on. There is a non-zero chance that, if I have a rash, it's small pox. But, I bet my doctor will explore some other options first. Theoretical discussions of theoretical exploits, no matter how interesting (and they certainly are very interesting!) probably aren't going to solve the immediate issue. I will certainly continue to answer that, if a phone isn't jailbroken, the problem is almost certainly not malware.
Things may change but until they do....
[Edited by Moderator]
There's seemingly little reason to be concerned about this.
Why?
Whatever damage is likely already done.
Whatever was going to be uploaded probably already got uploaded, if the app was malicious.
And it's not clear the app was malicious, or maybe "just" some web app that was running within Safari.
The question then becomes what are you going to do about the potential damage here?
Password changes would be in order, along with removing the app, if it's a separate app.
belela777 wrote:
no it was an app downloaded from safari
You might not intend it that way, but this is ambiguous…. “an app downloaded” can be…
Downloadable malware is quite rare. That’s the foundation for jailbreaking, too.
MrHoffman wrote:
Here you go, Deggie.
Arbitrary remote code execution on iPad and iPhone, per Apple.
Which is about as bad as it gets.
Time to patch, y'all.
I see the first line you highlighted says "this is may have been actively exploited" (italics mine). Do we know if it actually was?
IdrisSeabright wrote:
I see the first line you highlighted says "this is may have been actively exploited" (italics mine). Do we know if it actually was?
Those targeted for exploits and those exploited tend not to advertise that.
Nor will a platform vendor identify targets among its customers, absent permission from the target. And maybe not even then.
We may or will hear more about these or other exploits in the coming months.
But we'll also be discussing these or newer exploits, and/or new vulnerabilities, and/or newer jailbreaks.
Because there will be more.
iPhone and iPad exploits are fairly rare, and targeted. And are still fairly expensive. A full-stack exploit with persistence was worth USD$2 million or more, when last I checked.
But iPhone and iPad malware exists.
no it was an app downloaded from safari
thankyou. I actually am changing passwords now and have not downloaded anything from the web in a while and i will make sure not too again
iphone hacker or virus
