Scammed iPhone 13

I have a question regarding the possibility of hacking/remotely accessing/installing spyware/malware on an iPhone 13 Pro.


The perpetrator, the husband during divorce proceedings, has physical access to his wife's previous iPhone 8 (which he appropriated at the beginning of the divorce case) that has not been marked as lost, and its content has not been remotely erased. Instead the Apple ID on the phone has the location notification feature enabled in case it comes within range of a GSM/Internet network - all was reported to the police.


Today, during the spouses' conversation via iMessage, a zip file appeared in her window containing an exported chat from WhatsApp between me and my principal (I'm a legal counsel representing her in the case), appearing as if she sent the compressed conversation file to her husband. In addition to matters covered by professional secrecy, the chat included discussions on legal strategy, proposed directions for the divorce case, asset division, child contact, etc.


After the phone appropriation last year, the woman changed the passwords associated with the Apple ID and Gmail but did not change the Apple ID email itself. Considering the physical access to the previous phone by the husband, I wonder if remote access to the current phone, exporting the chat, and sending it to himself pretending it was done by his wife would be possible. Exporting a WhatsApp chat cannot be done accidentally, as exporting requires at least a few steps.


We checked the phone for applications like TeamViewer, devices logged into WhatsApp Web, devices linked to the Apple ID, but found nothing.


Apple does not provide login history from Apple ID/iCloud. I assume that these logs contain IP addresses of devices logging into the account and possibly their location/network provider's name.


The only possibilities I see are (i) breaking the password from the pool of passwords used by the wife, although she claims to have unique ones, (ii) logging into the Apple ID through a phone in physical possession of the husband - although the phone should send a notification when in range of an Internet network, this option seems doubtful to me, (iii) installing malware/spyware some time ago already.


The main lead I see here is having physical access to the previous device and the Apple ID still linked to the same Gmail address and a new phone (albeit under a different password). However, I'm still wondering how the WhatsApp chat was generated (live - it was not extracted from iCloud backup), which later appeared in the iMessage window, as WhatsApp, being a non-Apple app, does not exchange data with the iOS system and has its own ringfencing.


Perhaps an application allowing such operations was installed on the phone, but I lack knowledge in this area and upon checking all installed apps we found nothing as mentioned earlier.


I'd appreciate any ideas on how to tackle this problem - apart from reporting it to the police which is already done, but most probably will give zero effects.

iPhone 13 Pro

Posted on Apr 1, 2024 11:38 PM


2 replies

Apr 2, 2024 12:21 AM in response to wind_chaser

wind_chaser wrote:

I have a question regarding the possibility of hacking/remotely accessing/installing a spyware/malware on an iPhone 13 Pro.

If you feel an unauthorized person/app is remotely using, controlling or monitoring your device, then that is possible only if you have done one or more of the following Don'ts...


  1. Don't hand over an iPhone to kids or to a stranger without Enabling Guided Access
  2. Don't share Apple IDs
  3. Don't Jailbreak
  4. Don't share sensitive information pertaining to your device
  5. Don't give in to Phishing
  6. Don't plug in your device in Airports and Public places through third-party cables and trust the device. Beware of Juice Jacking. (Especially in India)
  7. Don't leave your iPhone unlocked and unattended in public places like offices, schools, malls, etc.


If one of the above is true then quickly change the Apple ID Password and Return iPhone settings to their defaults.



Keep the iPhone updated to the latest iOS always and never Jailbreak. That's it.


iOS / iPadOS devices cannot be hacked or infected with Virus / Malware / Spyware *** unless you have intentionally downloaded spurious software or unauthorized apps directly from the internet and installed them on your device or/and have Jailbroken


It (Hacking) also depends on how careful you are in sharing sensitive and valuable information pertaining to your iPhone such as Passcode, Password, etc with your friends and family members.


Be judicious when sharing the device's sensitive and valuable information with friends and family members.



**The primary reason for this is Sandboxing. All third-party apps are “sandboxed”, so they are restricted from accessing files stored by other apps or from making changes to the device. Sandboxing is designed to prevent apps from gathering or modifying information stored by other apps.


Security of runtime process in iOS and iPadOS - Apple Support



The sandbox on an iPhone is a security feature that creates a restricted environment for each app to run in isolation from other apps and the operating system. It is a core component of iOS's security architecture and plays a crucial role in making iPhones more secure.



If you doubt the authenticity of the information provided earlier, you have two alternatives:

  1. Report the hacking incident to local law enforcement authorities and actively pursue the case.
  2. Accept the credibility of the information; it is impervious to hacking. Just as some individuals hold unconventional beliefs, such as a flat Earth or moon landing denial, one has the freedom to believe in anything. The choice ultimately rests with you in this open and free world.


Apr 2, 2024 12:25 AM in response to wind_chaser

Hack or Prank?


It is highly unlikely that skilled hackers would choose to invest their time and resources into monitoring an unknown person's device and making calls. Firstly, hacking requires a certain level of expertise, knowledge, and tools, which can be quite valuable assets. A proficient hacker typically has a specific agenda, such as gaining unauthorized access to sensitive information, financial gain, or advancing their own personal or political interests.


Monitoring your iPhone would not yield any substantial benefits for a hacker. It would be a trivial and unproductive pursuit that lacks any significant value or purpose. Additionally, hacking activities are often motivated by tangible gains, such as financial rewards, access to valuable data, or the ability to manipulate systems for personal or ideological motives. Monitoring someone's device or managing a WhatsApp chat would not offer any meaningful advantage or serve a legitimate purpose, but pranks would.


Moreover, hacking is an inherently risky activity that can have serious legal consequences. Engaging in unauthorized access, surveillance, or invasion of privacy is illegal in most jurisdictions. Skilled hackers typically operate with more calculated precision, targeting high-value entities or systems that present greater opportunities for achieving their objectives. The risks associated with hacking a device would far outweigh any potential benefits, making it an illogical and unprofitable endeavor.


In summary, hackers typically focus their efforts on more lucrative targets that align with their motives and offer substantial rewards. Investing time and resources into monitoring a device would be an inefficient and unproductive use of their skills, knowledge, and tools.


To protect your devices and personal information, it is crucial to follow good security practices such as using strong and unique passwords, keeping your software up to date, being cautious with email attachments and links, and ensuring that your devices have appropriate security measures in place.



On your iPhone, iPad, or iPod touch: Go to Settings > your name > Password & Security. Tap Turn On Two-Factor Authentication. Then tap Continue and follow the onscreen instructions.


Two-factor authentication for Apple ID - Apple Support (IN)



Beware of Phishing!: Be careful and be smart to --> Recognize and avoid phishing messages, phony support calls ...

It (Phishing) may appear as the image given below.




Gain control of your Apple ID

If your Apple ID password has been changed by someone else, reset your password. Go to appleid.apple.com to update any personal or security information that isn't correct or that you don't recognize. 27-Mar-2023


If you think your Apple ID has been compromised


