- Your iPhone can be hacked, though it isn’t very common, and iPhones are safer than Androids.
- To protect your iPhone, don’t click on suspicious links or give out your personal information.
- If your iPhone has been hacked, you might need to factory reset it or get a replacement.
iPhone hacks aren’t incredibly common, but they can still occur if you aren’t careful.
From malware and trickster apps downloaded from the App Store to targeted attacks on a specific device, your information can be stolen in myriad ways.
Hacking occurs when someone else gains access to private information on your device or controls it without your consent. It’s a broad term, and lies on a gradient of bad to very serious.
Here we’ll break down the common types of hacks, how to tell if you’ve been hacked, and what to do about it.
1. Avoid clicking suspicious links
Just like on your computer, your iPhone can be hacked by clicking on a suspicious website or link. If a website looks or feels “off” check the logos, the spelling, or the URL.
Try to avoid connecting to a password-free public Wi-Fi network, which opens the possibility of a hacker accessing unencrypted traffic on your device or redirecting you to a fraudulent site to access login credentials. It is best to also consider messages from numbers you don’t recognize as suspect — so don’t click any links you get from spam texts.
Fortunately, modern smartphones are good at resisting
ransomware, which lowers the risk of hacking.and
2. Don’t download shady apps
Apple devices exist in a much more closed and monitored digital ecosystem when compared to Android devices. This keeps them typically much safer as Apple screens apps; however, the process isn’t bulletproof.
Ning Zhang, who leads the Computer Security and Privacy Laboratory at Washington University in Saint Louis, says to watch out for apps that ask for more information than they’ll need to function.
For example, if you’ve downloaded a wallpaper or flashlight app and it’s asking for your location or contact list, camera, or microphone, that’s a red flag. Likely, the developers are tricking you into giving out this information so it can be sold.
“I’d be a little bit skeptical about it and consider if I really want that wallpaper app,” Zhang says. “Being vigilant, even with official apps, is helpful. If we are able to do that, I think for the average person, you should be fairly safe.”
3. Use a strong password
If you backup your phone in iCloud, make sure to have a strong password. If someone gets ahold of your password, they don’t even need to hack your phone because they can download a backup from the cloud.
Turning on Apple’s two factor authentication is another good way to stay safe and can prevent your iCloud account (Apple ID) from being hacked by requiring another step of verification.
Vyas Sekar, a professor of electrical and computer engineering at Carnegie Mellon University, says staying safe is all about “good digital hygiene.”
“Install apps from trustworthy sources and unless you know what you’re doing, you probably don’t want to jailbreak your phone,” Sekar said. “Be careful. Don’t click on attachments you don’t want to open and keep your phone up to date.”
4. Don’t jailbreak your iPhone
Jailbreaking your iPhone refers to removing the software restrictions imposed on iOS. While this has appeal to some people, it also opens you up to potential vulnerabilities in the software because you’ve eliminated some of Apple’s existing security measures.
It is possible to download incompatible
or malware apps on a jailbroken phone, and this is also how remote takeovers can occur with iPhones. A jailbroken phone should be avoided as it can dangerously allow malicious apps to go undetected.
5. Keep your iPhone up-to-date
It is generally sound advice to always keep your devices up to date with security patches.
This, too, holds true for iOS software updates. The updates include fixes for vulnerabilities that could open your iPhone up to hackers.
6. Be wary of intimate partner hacks
Abusive partners can grab your phone and download spyware (or stalkerware) when you’re not looking. This malicious software can be used to track your location, or make private information like texts, your call history, and emails accessible to them.
All they need is your password and physical access to your phone. Experts we spoke to said that this is unfortunately common. This abuse can be psychologically traumatizing and devastating to someone’s personal and public life. If you notice apps that you don’t remember downloading, this could be a sign — although many times the spyware app is invisible on the home screen.
Sadly, this problem isn’t easy to fix. Victims can risk their safety by deleting the apps or checking for malware if and when abusers notice these actions.
7. Watch out for targeted attacks
The average person probably won’t be singled out and remotely targeted by hackers because it’s expensive, sometimes costing millions for hacks of newer phones, says Matthew Green, an associate professor at the Johns Hopkins Internet Security Institute.
Journalists and activists are most at risk for this kind of hack. One form of a targeted hack works like this: Hackers exploit unknown flaws in the iOS programming that even its developers don’t yet know about. With this knowledge, hackers can install malware to get data from targeted sources.
“This is a very sophisticated set of hacks and oftentimes you won’t even know this happened to you,” Green says. “If it’s someone who is really sophisticated, they’ll send you an invisible text message and then your phone is going to be compromised for awhile.”
The bugs are known as “zero-day” exploits, corresponding with the fact that Apple will find out about a possible security issue in their software on the same day it’ll work to patch it. The minute the world knows, it’s only a matter of time before the hack is obsolete. That’s why these pricey hacks are often kept under wraps by the people, or governments, who purchase them, Green says.
The NSO Spyware group’s Pegasus malware is a particularly nasty example, but these kinds of hacks are generally reserved for those nation states consider to be high value targets.
How to tell if your iPhone has been hacked
You can’t always tell if your iPhone has been hacked, Sekar says. But you may notice a few things.
- Your phone is unusually hot, or frequently dying.
- Your phone is sluggish when trying to load websites.
- The battery is draining even when you’re not touching your phone.
These symptoms indicate the phone is running all the time, even when you’re not using it. Sometimes, the best indicators come from the outside, such as when friends say they’re getting odd messages from you. However, the most sophisticated hacks can be somewhat invisible.
There’s no definite way to check for every type of hack. Experts told us that one reliable way to investigate is to download a mobile security app called iVerify, which scans your phone’s operating system for suspicious behavior and can also detect if your phone has been jailbroken.
What to do when your iPhone has been hacked
For minor problems, like an app stealing your information, delete the app and update your software. In serious cases, you’ll want to wipe your iPhone and restore it to factory settings. But even if you do that, it may note be completely clear if you’ve gotten rid of the malware installed on your phone — especially if it has been jailbroken.
Finding an expert for inspection may be the best solution, and your phone can’t always be cured.
“I hate to say this, but if you really, really need to be safe, get a new phone,” Green says. “If somebody actually gets on your phone, and it’s a really high barrier for iPhones, they can install stuff like keyloggers, which means every key press, every letter you type in is being sent to somebody. Until you’re sure that’s gone, you can’t be sure you have any privacy.”
If you can’t get a new phone right away, a hacked iPhone is likely not safe to use, so you’re best to leave it turned off.