How do I check my iPhone for spyware/malware

You don't.

There is no known malware that can affect an iPhone.

There's no way to install spyware, unless someone had physical access to your unlicked iPhone with a computer for an extended period of time.

There are no apps that check for these things, since due to the nature of iOS, there's no way for them to scan outside of the their own designated app area. iOS is sandboxes, that means apps cannot access areas outside of their own app sandbox.

If you explain what issue you are experiencing, someone may be able to an advise, but it's almost certainly not malware or spyware.

BDFULLER wrote:

How do I check for malware on my iPhone

What malware is around for iPhone is rare and targeted, and generally seeks to avoid detection. For what is known around, Apple already checked for it with the built-in anti-malware, built-in scanner, and built-in removal tools.

If that’s not enough assurance, then factory reset it, reinstall, don’t restore a backup, and verify your entire environment:

• Restore your iPhone, iPad, or iPod to factory settings - Apple Support
• Personal Safety User Guide - Apple Support

Most common exploits target the user. You. Me. Us. Not our devices. Weak or re-used passwords or phishing or other such, or cases with knowledge of our passcode and with physical access to our device. You will need to check that yourself using Security Check and related steps, and with your own personal security practices.

If that’s all not enough assurance, then you effectively believe you are the target for immensely expensive espionage tooling, and will accordingly need specialized and dedicated and tailored assistance with the entirety of your security. This direct assistance is well beyond what can be offered around here, or in any other online forum.

And again, and as some replies around the forums have also indicated, if you believe you are being targeted by national security agencies or immensely rich parties or foreign espionage services, or if your security issues have been ongoing for many months or years and with multiple previous discussions offering suggestions about security, then you are well beyond what assistance can be provided around here.

6XChinaXDollX9 wrote:

An an iphone be cloned with the SIM card or device itself if they had access to it.

A SIM card can be cloned. The iPhone itself, cannot be cloned, but its data can be copied. If using an eSim it can be also be copied to a different iPhone. This would take a while to complete however, so unless it was out oof your sight for an extended period of time (30 minutes or more), its unlikely to have happened.

Or if you have 2 devices both logged onto the same cloud and one is stolen can they get access to watch your screen listen to your microphone and access your data and saved files on the phone?

If they have access to your iCloud account, they can log into it, and see any files stored in iCloud. They can't get access to your camera, screen or microphone in any way.

I still have one of the iPhones and one was stolen which I put in lockdown mode and bc they knew the screen code took it out of lost mode. Somehow they are still able to access my files on my phone and see or hear the screen and mic.

Not possible. They are trying to trick you. As mentioned, they may have access to your files in iCloud and on the device if they managed to unlock it, but there is no way for them to see your screen or hear your mic. It's simply to something that can be done.

I know they have said they can clone phones and had a software or device able to do it with iPhones but even after changing my pad they are still accessing and even remotely controlling the phones mic and editing and deleting files saved on the device only.

Again, not really possible to do this. not sure what you are seeing, but I can almost guarantee this is not what is happening.

How is this possible and could it have something to do with the google accounts I also have on my I phone or is it the SIM card or remote accessing my device like was done with desktop computers by tech support.

Not possible to remote access an iPhone. Not through the sims are which only holds settings, and certainly not through a Google account.

If they have access to your iCloud account, they can modify files, contacts, calendar entries, notes and photos synced to iCloud, and you would see those modifications on your device.

You can stop this, by changing your iCloud password, and even changing the email address associated with your Apple ID.

click here ➜ Change your Apple ID password - Apple Support

Also click here ➜ If you think your Apple ID has been compromised - Apple Support

Disneyfan24 wrote:

There isn’t a way to specifically check for spyware on an iPhone.

Answer these three questions:

1. Have you jailbroken your iPhone?
2. Has anyone had unsupervised access to your unlocked iPhone for more than a couple of minutes?
3. Are you a high-profile journalist, activist, or politician whose data would be worth hundreds of thousands of dollars to acquire?

If the answer to each of those questions is "No", you don't have spyware.

Run Safety Check

How Safety Check on iPhone works to keep you safe - Apple Support

I too am experiencing remote monitoring tracking files are edited added and removed settings are changed and any information I enter like passwords are immediately changed or compromised. I’m not hallucinating and it has occurred with different AppleId different passwords 2FA.

backstory. I started noticing my Google Account was giving location data where I had never been then it became obvious that there were multiple devices using these accounts. The only device I own of any kind is the same iPhone. I then tried securing those accounts only to have the password changed each time I went through the secure account routine. Photos appeared in Drive and photos some that were there were edited the metadata. Then I completely removed google from the device all the apps from them. But I lost access to my Apple iCloud acct. I couldn’t get it back. So I created new Apple ID and thought that would fix it. It didn’t. I began to notice the phone overheating battery drawing faster, it was 100% health at the time.

then I noticed settings being changed and that I believed I was being tracked. I called Apple at least I think it was Apple I spoke with. They couldn’t remote look in the device bc my Apple acct was no longer accepting my password. So he led me through another creation of Apple ID. Still my passwords for apps ad websites continued to not accept the passwords I thought were correct. So I began writing them down. At the same time I erased the device through settings and signed back into my Apple acct. Same thing, I knew the passwords I entered were correct.

I tried everything. Erased multiple times created new acct. And then it seemed to work right for about one day. Then, I got a new cellular sim installed where I could access the accounts using different sim. Nothing changed any acct accessed from the device where passwords were entered were subject to being accessed and settings emails and other data would be changed or created. I then went to a library remember I have no other devices including a computer. So I created a new acct. Erased the device and reset it thought that would do. I had forgotten I was using the same email as recovery acct.

I tell you all this bc you are not alone and there are several exploits available for low cost to anyone wanting to spy on your device. And if your phone was a gift like mine then they had plenty time clone your sim. That gives them access to your two step authentication for most accounts by getting all your text messaging if they aren’t getting them from iMessage. But I would like you to Google an app called mSpy. Go to their website and see they offer iCloud acct installation. There for with a cloned sim and the id you use to sign in to iCloud they can reset your password to your iCloud without you knowing and install the software that way. Then when you have difficulty signing in. You will charge the password. Think the problem is solved but little do you know the password you just entered is known by the perpetrators, along with accessing your mic your camera every key stroke every message every thing associated with your device. Every account you sign into every place you go every call or text you make. See therefore it is only one of several remote monitoring software. And if your settings are set to use multiple devices syncing the settings and every aspect of your device management is at the persons control allowing other exploits.

don’t let anyone tell you that an non jail broke iPhone can’t be accessed it and everything you have on it or use can be. I am experiencing it I finically bought a new device new cellular service eSim and have been free of the tracking but my Accts are still being accessed and when using the device it has become apparent my stalker is still at work. I screwed up and placed the old sim in the device and began the process of changing phone number on accts but the ones they targeted are my Apple my cell phone provider and any email accts. I’m at the point of buying Certo software access and a Computer I sleep with my device in my pillow and try to never let it out of sight. I don’t give out the number freely and use it only on the acts I hope are secure. Created from a library computer I know sadly I trust public computer networks better than a brand new iPhone. I am currently searching for solutions Aplle Care refused to admit it was possible and were very little help.

i hope this leads you in the right direction you most likely are not imagining the signs of being infected or tracked. It is real and very possible.

Tmac5200, you can download Malwarebytes onto your iPhone for normal scanning for viruses or malware. But spyware/malware is developing rapidly and may not be detected by Malwarebytes. If you suspect that you have downloaded malware based on the functioning of your iPhone, I would search for any local cybersecurity experts in your area to examine your phone manually. Apple Support techs are often not aware of how to identify and repair cybersecurity issues.

I would delete all my apps. Call your carrier (Verizon, Att) and have them reset your ESIM. Then do a phone reset and install your new eSIM or physical SIM card once the reset is done. Once you have the new eSIM card installed. Change your Apple password and the phone passcode. Then redownload all your apps.

quest2346 wrote:

hooked into my Mac

Key event here. It needs to be connected to a computer for something like that to happen.

Yes, you can mess up your iPhone, but most normal users are not doing any of this. And remote access to an iPhone to install software is not yet known to be possible.

The fact it needs to be connected to a computer set to some developer mode and then some terminal command needs ot be issues, precludes this happening in the wild, much less remotely.

Legtra wrote:

So what did you?

Run Safety Check

How Safety Check on iPhone works to keep you safe - Apple Support

IPhone0723 wrote:

Completely false. If you scroll and read every reason for software update directly from Apple, clearly this tells us that there vulnerabilities and malware if very possible along with remote access codes. Whoever believes this is not true, is uninformed

About the security content of iOS 16.5 and iPadOS 16.5 - Apple Support

You do understand, Apple is fixing those issues? The fact they are fixed means they cannot be used. Almost none of security fixes apple published involve remote hacking, spyware or malware in any way. And only a very limited few have been known to have been actively exploited at one time. Most fixes Apple publishes happen before the actual vulnerability is known or even used on any one.

There are vulnerabilities in different parts of the OS, mostly dealing with website access. Most vulnerabilities require a ton of time, and resources to actually exploit. Unless you are a high value target, nobody is going to spend time and money to hack Joe Schmoe's iPhone.

There is absolutely no way anyone can remotely monitor or access your iPhone in the ways being suggested here.

Most hacks of devices involve access to data on them, not accessing the camera or microphone to listen to anyone.

hanes64 wrote:

XLSx123x-

I have experienced what you describe also. I have had someone in my cloud for over a year. I’m in the process of completely deleting a cloud account. If you’re not watching everything done on phone is synced..password, literally everything. So it’s impossible to get rid of them without deleting the email address completely

The email address is not associated with a compromise. It's an identifier that is intentionally and necessarily public.

If an Apple ID has been compromised for as long as has been reported here, and given you will have already received and acted upon advice on how to increase the security of your Apple ID, then there are other issues or concerns here, or your adversaries have capabilities well outside of what we can assist with in a forum such as here in ASC.

In the unlikely case you have not already encountered it: Personal Safety User Guide - Apple Support

Probably either with a recovery key and/or security keys or both for the highest security, with Lockdown Mode enabled.

An an iphone be cloned with the SIM card or device itself if they had access to it. Or if you have 2 devices both logged onto the same cloud and one is stolen can they get access to watch your screen listen to your microphone and access your data and saved files on the phone? I still have one of the iPhones and one was stolen which I put in lockdown mode and bc they knew the screen code took it out of lost mode. Somehow they are still able to access my files on my phone and see or hear the screen and mic. I know they have said they can clone phones and had a software or device able to do it with iPhones but even after changing my pad they are still accessing and even remotely controlling the phones mic and editing and deleting files saved on the device only. How is this possible and could it have something to do with the google accounts I also have on my I phone or is it the SIM card or remote accessing my device like was done with desktop computers by tech support.

That’s actually not so true. I’ve also had my iPhone 12 being hacked before. And this IS very possible. It sucks though kuz they get in ur phone through ur email address. And then they are able to completely control ur phone. I haven’t found any solutions yet but I’m looking.

I am experiencing remote monitoring. More than that, I have used HO Smart Friend and they DID access my cell phone and view my computer screen THROUGH my phone to see what I was speaking about. That was the first time. So yes, remote accessing an iPhone 14 Plus IS POSSIBLE. I have reset my computer 6 times, it is currently out of my house, I have changed modems, I have reset two iPhones twice after I refused to pay ransom to keep access to contacts and family pictures. I was locked out and changed one phone number, and STILL they did it AGAIN on the changed phone number. I have reported to local county sheriff’s dept 3x, and since they won’t do anything have been instructed to contact a government agency whom I received the information about from a physical and VERY reliable source. They have access to things and I have changed my iCloud accounts more than once! So yes, they can remotely access and CONTROL mic and phone and camera and much more. They do it to me. I’m contacting Apple in a moment and doing EVEN more. Been happening since at least early March, probably longer. Any any weird thing that comes up, verify, question, do it, do not hesitate. I’m sorry to bust your bubble but HO DID remote access one phone and SINCE then I did reset and change my iCloud addresses as well as having gone thru about 20+ email addresses. I’m a no one, an everyday person, no government official etc, yet still organized and sophisticated attacks on ME only. Why?