What you need to know about protecting your device.
Recently, it was discovered that hackers found a way to bypass the iPhone's security systems using third-party keyboards. According to a report by Russell Kent-Payne of Certo Software, attackers use these keyboards to record personal messages, browser history, and even iPhone users passwords.
The study of this threat began after a lot of reports about cyberstalking. During the investigation, it was found that malicious keyboards were installed on all affected devices.
You can see the default iOS keyboard on the left, and the custom keyboard that works as a keylogger on the right
The special feature of this attack is that hackers do not need to break into the device or gain access to iCloud. Instead, they use Apple's TestFlight platform to distribute keyboards, as apps on that platform don't pass as strict security checks as they do on the App Store.
After installing a malicious keyboard through the device settings, hackers replace the standard iPhone keyboard with their own, which looks indistinguishable from the original one. Such a keyboard can record everything that the user enters and send the data to hackers servers.
You should also consider using anti-virus software for Mac, which can scan your iPhone or iPad for malware, but this requires a USB connection to your Mac.
At this time, Apple has not commented on this method of attack, but we will keep you updated and informed.
Recently, it was discovered that hackers found a way to bypass the iPhone's security systems using third-party keyboards. According to a report by Russell Kent-Payne of Certo Software, attackers use these keyboards to record personal messages, browser history, and even iPhone users passwords.
The study of this threat began after a lot of reports about cyberstalking. During the investigation, it was found that malicious keyboards were installed on all affected devices.
You can see the default iOS keyboard on the left, and the custom keyboard that works as a keylogger on the right
The special feature of this attack is that hackers do not need to break into the device or gain access to iCloud. Instead, they use Apple's TestFlight platform to distribute keyboards, as apps on that platform don't pass as strict security checks as they do on the App Store.
After installing a malicious keyboard through the device settings, hackers replace the standard iPhone keyboard with their own, which looks indistinguishable from the original one. Such a keyboard can record everything that the user enters and send the data to hackers servers.
How to Check and Protect Yourself
To check if a malicious keyboard is installed on your iPhone, open settings, go to the "Keyboard" section and check the list of installed keyboards. If you find an unfamiliar keyboard with the "Full Access" permission enabled, this may be a cause for concern. In this case, we recommend deleting suspicious keyboards.You should also consider using anti-virus software for Mac, which can scan your iPhone or iPad for malware, but this requires a USB connection to your Mac.
At this time, Apple has not commented on this method of attack, but we will keep you updated and informed.
