I think my iphone has been compromised by a virus and websites accessed without me knowing (hits have been flagged by my company wifi). Can anyone recommend a 'deepscan' software or any advice for finding out if it has some kind of malware on it. The hits did not appear on my search history. I would like to find categorical evidence to protect my job.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
iPhone compromised
- Thread starter Cyp1974
- Start date
- Sort by reaction score
People, please pay attention to what the OP is asking. It is so annoying when people do not pay attention and make unrelated posts.
If this post is true in Apple discussion forum back in 2023 then iphone's cannot get viruses.
discussions.apple.com
Which means something else must be going on with the iphone.
This is a good guide from NordVPN. It's title is a bit misleading because at it states in the article you cannot scan for viruses on an iphone therefore you have to carry out various types of checks on the iphone yourself
nordvpn.com
If this post is true in Apple discussion forum back in 2023 then iphone's cannot get viruses.
How can I do a virus scan on my iPhone? - Apple Community
Which means something else must be going on with the iphone.
This is a good guide from NordVPN. It's title is a bit misleading because at it states in the article you cannot scan for viruses on an iphone therefore you have to carry out various types of checks on the iphone yourself
How to check for viruses on an iPhone in 10 easy steps
iPhones aren’t invincible. Learn how to check for viruses on your iPhone, recognize signs of malware, and find tips to protect your device from future threats.
nordvpn.com
True enough... that said "I think my iphone has been compromised by a virus" almost ALWAYS means there is no compromise
Were you surfing the internet when your employers had the security hits from your phone on their wifi? And was the hit you described simply that your employer's security software blocked you from visiting a site classified as malicious?
Many sites, even perfectly legitimate ones, serve banner ads delivered through an advertising network, and sometimes those ad networks deliver ads with elements or links from sites flagged as harmful.
Many sites, even perfectly legitimate ones, serve banner ads delivered through an advertising network, and sometimes those ad networks deliver ads with elements or links from sites flagged as harmful.
Thank you for this. Yes, looking at the times that the hits occurred it was quite possible that I was surfing the internet or on Facebook etc. However, the websites that have allegedly been hit are adult ones, which I don't think would be advertised through an advertising network!
If you were using your personal phone, it would be a good idea to stay off the company WiFi (for many reasons).
Working in infosec, for companies who have *TRIED* to breach the iPhone, there are no known viruses/hacks that aren't either:
1. Require extraordinary effort on the part of the user - jailbreaking-style - that would be blatantly obvious to you as they would do things like require you connect to a computer every time you reboot your phone to make it work again.
or
2. Performed using yet-undisclosed vulnerabilities - something that is basically never done against random individuals; but almost always by nation-state level actors, against specifically-targeted individuals. (Russian state intelligence service attempting to hack a specific Western reporter, for example; or US CIA attempting to hack a foreign target.)
It is near-certain that your phone was not compromised, hacked, or infected with a virus.
However, there are many scam websites, some that even show up far-earlier-than-they-should in search results, that pretend to be legit websites, and may redirect you to fake scam websites and trigger "a website you shouldn't have accessed" alerts by corporate IT defenses. But these are just websites - your history should show them; although they may show the name of the website they were pretending to be, rather than the actual name, depending on how sophisticated the scammer.
If the phone is a personally-owned device being used on the corporate network, your company should have installed "MDM" software (Mobile Device Management) to allow them to be sure your device is safe on their network, and would be able to prove in their own logs what you visited. You would need to insist on seeing those logs (if they attempt actual disciplinary action against you) to explain what they're seeing.
1. Require extraordinary effort on the part of the user - jailbreaking-style - that would be blatantly obvious to you as they would do things like require you connect to a computer every time you reboot your phone to make it work again.
or
2. Performed using yet-undisclosed vulnerabilities - something that is basically never done against random individuals; but almost always by nation-state level actors, against specifically-targeted individuals. (Russian state intelligence service attempting to hack a specific Western reporter, for example; or US CIA attempting to hack a foreign target.)
It is near-certain that your phone was not compromised, hacked, or infected with a virus.
However, there are many scam websites, some that even show up far-earlier-than-they-should in search results, that pretend to be legit websites, and may redirect you to fake scam websites and trigger "a website you shouldn't have accessed" alerts by corporate IT defenses. But these are just websites - your history should show them; although they may show the name of the website they were pretending to be, rather than the actual name, depending on how sophisticated the scammer.
If the phone is a personally-owned device being used on the corporate network, your company should have installed "MDM" software (Mobile Device Management) to allow them to be sure your device is safe on their network, and would be able to prove in their own logs what you visited. You would need to insist on seeing those logs (if they attempt actual disciplinary action against you) to explain what they're seeing.
Yes they would, I've seen it happen. This is why I use an ad blocker for most websites these days.