My iphone was hacked. How do I find out what software they used?

[bufffilm]

If you were stupid enough to give your phone to someone else to use and they stepped out of your sight...you've got only yourself to blame.

Who cares about the rest?! I sure don't.

 

[ross1998]

I too doubt anything happened and this is alll a misunderstanding.

 

[bopajuice]

Questions.

Why did you not ask them what they did or were doing to your phone at the time?

What would they accomplish from hacking your phone?

You call the person who used your phone a friend? Would your friends sell or steal your personal info?

Was there something on your phone worth stealing?

I feel there is more to this story that you are not telling us. I'd like to hear more details. Do tell.

 

[mikecwest]

I'm pretty sure there's no way to get spyware on a non-jailbroken iPhone.

That is not entirely true. There are ways to do that stuff, and when those ways are identified, Apple patches them. You might want to understand, that the same vulnerabilities that allow you jailbreak your phone, could allow a person with malicious intent, and the technical knowledge the ability to do so.

It is not likely that your friend knows how, at least without knowing anything about her, but if the is a tech analyst, security researcher, etc...the changes of that are increased.

 

[tresmith]

Take your tinfoil hat off.
Just because you saw an app installing or something displayed on the screen it doesn't mean she hacked your phone and installed viruses and spyware and all the dozens of assumptions you made.
Did you even bother looking to what app she installed or bother asking her without blaming the Russians for hacking your phone?
[doublepost=1485470500][/doublepost]

Yes, a secret jb userland exploit created just to get into the OP's phone

It wasn't an app update. I described what I saw in detail.

I've owned an iphone since the 3gs, 4 in total and I know what normal iphone activities look like vs abnormal activities.

 

[millerj123]

It wasn't an app update. I described what I saw in detail.

Well, good luck solving your hacking.

 

[tresmith]

Questions.

Why did you not ask them what they did or were doing to your phone at the time?

What would they accomplish from hacking your phone?

You call the person who used your phone a friend? Would your friends sell or steal your personal info?

Was there something on your phone worth stealing?

I feel there is more to this story that you are not telling us. I'd like to hear more details. Do tell.

No I didn't confront her at the time. I should have though.

Nowadays it's all about fraud and identity theft. Since I moved to Atlanta from NYC I've been hit several times.

The short answer to all your questions is that I was dealing with a greedy, low class friend. Good people are in short supply.

 

[willmtaylor]

No I didn't confront her at the time. I should have though.

Nowadays it's all about fraud and identity theft. Since I moved to Atlanta from NYC I've been hit several times.

The short answer to all your questions is that I was dealing with a greedy, low class friend. Good people are in short supply.

You've used the term "friend" too liberally methinks.

 

[tresmith]

Well, good luck solving your hacking.

Some of you are getting caught in semantics. Ok it wasn't a hack persay but something was installed on my phone without permission.
[doublepost=1485827809][/doublepost]

You've used the term "friend" too liberally methinks.

definitely I agree.
[doublepost=1485827857][/doublepost]

If you were stupid enough to give your phone to someone else to use and they stepped out of your sight...you've got only yourself to blame.

Who cares about the rest?! I sure don't.

This is someone I knew for over 5 years and didn't have a reason not to trust her.

 

[willmtaylor]

Some of you are getting caught in semantics. Ok it wasn't a hack persay but something was installed on my phone without permission.
[doublepost=1485827809][/doublepost]

definitely I agree.
[doublepost=1485827857][/doublepost]

This is someone I knew for over 5 years and didn't have a reason not to trust her.

Would she not still need your password/fingerprint to install an app from the App Store?

 

[bufffilm]

Some of you are getting caught in semantics. Ok it wasn't a hack persay but something was installed on my phone without permission.
[doublepost=1485827809][/doublepost]

definitely I agree.
[doublepost=1485827857][/doublepost]

This is someone I knew for over 5 years and didn't have a reason not to trust her.

Well since you wiped your phone, we'll never know if it was indeed hacked or not.

If you ever in the future give your phone to someone for a call, do it thru the emergency call feature and dont unlock the phone.

Then no worries.

 

[daijholt]

When I got my phone back and checked it there was an all black screen like it was put in DFU mode with a technical term running across it. The term escapes me at the time. But it was along the lines of software going through the stages of being installed.

My phone is not jailbroken but I did give unlocked access to it.

Judging by the comments it looks like that's what the software was meant to do.

Jailbreak my phone in order to get full access/control.

I'll try and offer some clarity to the issue here.

When the phone is in DFU mode, nothing is displayed. When software is being installed from DFU mode, you see the loading bar and NOTHING else; this is part of its intended design, DFU is a completely blank slate so you wouldn't have seen text if it was actually in DFU mode.

You CANNOT get virus, or spyware on an iOS device. Maybe the NSA could do it, but it would take millions of dollars worth of specialist software. It's physically impossible for malicious software to do anything as iOS is sandboxed right from the kernel up. You'd have to re-write the entire software code of iOS for malicious software to be useful (which only apple has the ability to do, as only they have the original source code, thus the FBI fiasco last year).

It's entirely possible that this person tried to jailbreak your iPhone, but extremely unlikely, as there is very little to gain form their point of view. They could read your texts maybe, see who you've called perhaps, or check your email. All very invasive yes, but unless you're secretly a spy or a terrorist it would be a complete waste of time (unless the friend is completely crazy of course).

In short, don't panic. Your phone is fine, you've wiped it now, and you're back to square one. Learn the lesson from the experience; don't trust anyone with unhindered access to what is arguably the most important piece of equipment in your entire life.

 

[mikecwest]

I'll try and offer some clarity to the issue here.

When the phone is in DFU mode, nothing is displayed. When software is being installed from DFU mode, you see the loading bar and NOTHING else; this is part of its intended design, DFU is a completely blank slate so you wouldn't have seen text if it was actually in DFU mode.

You CANNOT get virus, or spyware on an iOS device. Maybe the NSA could do it, but it would take millions of dollars worth of specialist software. It's physically impossible for malicious software to do anything as iOS is sandboxed right from the kernel up. You'd have to re-write the entire software code of iOS for malicious software to be useful (which only apple has the ability to do, as only they have the original source code, thus the FBI fiasco last year).

It's entirely possible that this person tried to jailbreak your iPhone, but extremely unlikely, as there is very little to gain form their point of view. They could read your texts maybe, see who you've called perhaps, or check your email. All very invasive yes, but unless you're secretly a spy or a terrorist it would be a complete waste of time (unless the friend is completely crazy of course).

In short, don't panic. Your phone is fine, you've wiped it now, and you're back to square one. Learn the lesson from the experience; don't trust anyone with unhindered access to what is arguably the most important piece of equipment in your entire life.

If you remember, the FBI paid an Israeli firm to hack that phone. It used the "pegasus" exploit, which is the same one that was used for the 9.3 jailbreak. We are only kidding ourselves to think that nobody can put malware on our devices. It is certainly possible, but not by most people.

 

[willmtaylor]

If you remember, the FBI paid an Israeli firm to hack that phone. It used the "pegasus" exploit, which is the same one that was used for the 9.3 jailbreak. We are only kidding ourselves to think that nobody can put malware on our devices. It is certainly possible, but not by most people.

Possibility and probability are very different beasts, indeed.

 

[boast]

Yes, a secret jb userland exploit created just to get into the OP's phone

Well he is mainly trying to figure out how an app started to download/install without his touchID/passcode.

One experience that comes to mind was when you were able to install popcorn time through Safari without jailbreak.

I don't mean the friend is a hacker, but if you have a "friend" who sends you iMessages that cause your iPhone to reboot that doesn't mean they're "hackers" either

 

[Applejuiced]

Well he is mainly trying to figure out how an app started to download/install without his touchID/passcode.

One experience that comes to mind was when you were able to install popcorn time through Safari without jailbreak.

I don't mean the friend is a hacker, but if you have a "friend" who sends you iMessages that cause your iPhone to reboot that doesn't mean they're "hackers" either

He doesn't really know what happened so your guess is as good as anyone's
[doublepost=1485922586][/doublepost]

If you remember, the FBI paid an Israeli firm to hack that phone. It used the "pegasus" exploit, which is the same one that was used for the 9.3 jailbreak. We are only kidding ourselves to think that nobody can put malware on our devices. It is certainly possible, but not by most people.

Nobody really knows what exploit they used to gain access to that device to figure out the 4 digit pin without getting locked out after a set amount of invalid attempts.
Most say they used a hardware bypass method but they have millions $$ of reasons not to let their secret out

 

[tresmith]

Would she not still need your password/fingerprint to install an app from the App Store?

I believe that I set it up so that free apps don't need a password. maybe I should change that.
[doublepost=1485930767][/doublepost]

I'll try and offer some clarity to the issue here.

When the phone is in DFU mode, nothing is displayed. When software is being installed from DFU mode, you see the loading bar and NOTHING else; this is part of its intended design, DFU is a completely blank slate so you wouldn't have seen text if it was actually in DFU mode.

You CANNOT get virus, or spyware on an iOS device. Maybe the NSA could do it, but it would take millions of dollars worth of specialist software. It's physically impossible for malicious software to do anything as iOS is sandboxed right from the kernel up. You'd have to re-write the entire software code of iOS for malicious software to be useful (which only apple has the ability to do, as only they have the original source code, thus the FBI fiasco last year).

It's entirely possible that this person tried to jailbreak your iPhone, but extremely unlikely, as there is very little to gain form their point of view. They could read your texts maybe, see who you've called perhaps, or check your email. All very invasive yes, but unless you're secretly a spy or a terrorist it would be a complete waste of time (unless the friend is completely crazy of course).

In short, don't panic. Your phone is fine, you've wiped it now, and you're back to square one. Learn the lesson from the experience; don't trust anyone with unhindered access to what is arguably the most important piece of equipment in your entire life.

It was like DFU mode I didn't say it was DFU mode.

What's to gain? People keep alot of personal financial info on their phones now.

And a person can piece together your financial life and commit fraud on your behalf.

I'm not panicking. I've already cleaned my iphone. My question was about finding the software they used to infiltrate my phone.

I know that law enforcement have software they use to access and download info off of phones.

 

[Rok73]

AFAIK a jailbreak is not possible in a couple of minutes. I don't know if you mentioned how long your so-called friend was using the phone but no matter which approach one chooses it requires rebooting the phone etc.

As far as I remember you haven't mentioned which version of iOS you were running the "past weekend" but a jailbreak might not even be possible for that specific iOS iteration atm.

I know that law enforcement have software they use to access and download info off of phones.

Law Enforcement had huge issues/wasn't able to read out data from an iPhone in that case we all know of. Also, this isn't related at all to what happened to you unless your "friend" is working for Homeland Security, NSA, FBI or whatever or "payed an Israeli firm" beforehand in order to get hold of your personal data.

Maybe you're the boss of a multinational conglomerate or a high profile politician in the end. Who knows?

Well, maybe not otherwise you'd have access to much better resources than the macrumors forums to resolve this mysterious case.

Maybe you were witness to a supernatural incident? I totally believe in science so I'd rule that out.

Personally - but that is really my opinion - Apple Inc. is one of the companies I'd trust more than others when it comes to keeping my personal data safe - relatively. If it's digital it's very possibly not a 100% safe.

I am sure that there is absolutely no way to install an iOS app from the App Store that is able to spy out your phone. Apple would have long banned this from the Store respectively haven't I read any articles recently about a huge security scandal regarding an iOS app. Each app is more or less reviewed by them before it gets a pass anyways.

What's to gain? People keep alot of personal financial info on their phones now.

So, you're saying YOU keep a lot of financial info on YOUR phone? Don't do it then (in form of emails, messages etc.). Credit Card data is blocked behind your password/code in the appropriate settings. You'll need to enter your pass code/use touchID once more to access this data. There would be easier analogue ways to get hold of that too.

Ah well, at least this thread was good entertainment for me while having a very slow office hour. I'd say you're being a bit paranoid or at least trying really hard to prove that there must have been some kind of malpractice. I dunno.

But again: thanks for the great entertainment.