Hackers Find Sneaky Way to Attack Locked iPhone
Hackers have yet again found a way to get into locked iPhones, and it gets as sneaky as it can! Bad actors are using post-exploitation tampering technique to visually deceive a target into believing that their iPhone is running in Lockdown Mode when it’s actually not.
Apple iPhones are touted to be hacker-proof and this challenges hackers to do all they can to break the security. Over the years, hackers have bypassed Apple’s security checks through the use of third-party custom keyboards, allowing them to spy on iPhone users. And now this has gone up a notch.
Russell Kent-Payne, director and co-founder of Certo Software, warns that these keyboards are a significant threat, especially in domestic tech abuse situations where an abuser users technology to harass, stalk, or intimidate a partner.
New Threat on iPhone
The new threat, the sneaky attack happens when the iPhone owner or user triggers the Lockdown Mode activation. The hacker installs a small app containing an embedded custom keyboard on the target’s device.
Ken-Payne says the spyware developers they investigated often distribute these apps through TestFlight – a platform for testing new iOS apps before they are released on the App Store. It should be noted that TestFlight apps are not subjected to the same strict review process as apps from the main App Store.
The expert said a malicious custom keyboard could be distributed via any app. “This means a seemingly harmless app may serve as a carrier to introduce a keylogger. Once the app is on the iPhone, the stalker then installs the custom keyboard via the Settings app and configures it to have ‘Full Access’ to the device. Next, the perpetrator switches the iPhone’s default keyboard with this custom version. The malicious keyboard then records everything that the victim types on their iPhone and sends it to an online portal which can be accessed by the stalker from anywhere in the world.”
Apple Enhances Security for iPhone
Apple introduced the Lockdown Mode in 2022 with iOS 16 as an enhanced security measure to safeguard high-risk individuals from sophisticated digital threats, like mercenary spywater by minimizing the attack surface.
Cyber experts say Apple has done a great job by marketing its iPhones are unhackable, but it isn’t true. Hackers find ways to get into devices time and again. iPhone users should regularly check their device’s keyboard settings for anything unusual.