One of the reasons people choose iPhones over Android devices is security However, the iPhone is also a prime target for hackers and other cybercriminals because it is known to be difficult to hack
Now, however, hackers appear to have found a clever way to bypass Apple's security checks and spy on iPhone users by using third-party custom keyboards
According to a new report by Russell Kent-Payne, a security researcher at Certo Software, this new attack method uses a malicious keyboard to spy on unsuspecting iPhone users' private messages, browsing history, and even passwords by record
Certo decided to look into the matter after the cybersecurity firm received multiple reports of cyberstalking incidents where the stalker appeared to know everything the target typed into the iPhone Upon investigation, malicious third-party keyboards were found on all affected devices
Whether you yourself use an iPhone with a third-party keyboard or are worried about being spied on, here is everything you need to know about this new threat, including steps you can take to protect yourself things you need to know about this new threat, including steps you can take to protect yourself
Usually, when spying on iPhone users, attackers need to jailbreak the target device or gain access to the iCloud account However, this new attack is unique in that it does not rely on either of these methods to spy on iPhone users
Normally, keyboards are not dangerous, but this attack weaponizes third-party keyboards by using a malicious keyboard that acts as a keylogger on the vulnerable device From here, hackers can discreetly capture and transmit all keystrokes made by iPhone users on the device
Certo does not go into the nitty-gritty details of this attack to avoid providing a blueprint for other hackers, but does explain how it works To reach potential victims, the hackers behind this campaign exploit Apple's own TestFlight platform, which is used to test new iOS apps before they are released on the App Store
By exposing malicious keyboards via TestFlight, hackers can evade detection by Apple However, as Kent-Payne points out in his report on the matter, a malicious custom keyboard could theoretically be distributed via any app
Once the TestFlight app is installed on the target iPhone, hackers install the custom keyboard via the Settings app and configure it to have "full access" to the device From here, they switch the iPhone's default keyboard to this custom version, which is visually indistinguishable from Apple's stock keyboard
The malicious keyboard is able to record all information typed by the victim, and all of this information is sent back to a command and control (C&C) server run by the hackers behind this campaign
If you are concerned that a malicious keyboard that acts as a keylogger may be installed on your iPhone, Certo offers several steps to see if you are affected
To start, open the "Settings" app on your iPhone and go to "General," then "Keyboard," and finally "Keyboard" Here you will see two standard keyboards: one in your language and another one named "Emoji" If you see another keyboard here - one you don't remember installing - be careful, especially if "Allow full access" is turned on
In this case, you will need to remove the unrecognized custom keyboard This can be done by tapping "Edit," tapping the red minus button next to the unrecognized keyboard, and then tapping "Delete"
If you want to increase the protection of your Apple device, you should also consider installing the best Mac antivirus software There is no iPhone equivalent to the best Android antivirus apps, but both Intego Mac Internet Security X9 and Intego Mac Premium Bundle X9 can scan your iPhone or iPad for malware, but but must be connected to the Mac with a USB cable
At this time, Apple has not publicly stated anything about this new attack method, but we will update this article when Apple announces this new attack method
Comments