Malicious Keyboards: A Potential Threat to iPhone Users
Reports have emerged suggesting that iPhone users are at risk of being targeted by malicious keyboards that could bypass Apple’s stringent security checks. While apps distributed via the App Store are subject to Apple’s strict scrutiny, third-party keyboards are installed through a different avenue, allowing developers to test their apps on iOS. Once installed, these keyboards can discreetly spy on a user’s activity, collecting sent messages, passwords, browsing history, bank credentials, and any other text entered on the phone.
Stalkerware: A New Form of Spyware
Security firm Certo Software has warned that hackers are distributing third-party keyboards as a form of ‘stalkerware’—spyware apps or services used to monitor and stalk people online. These malicious apps are difficult to distribute via the App Store, as Apple scans all apps before they are published. However, hackers have found a way to distribute these apps via TestFlight, Apple’s platform for testing unreleased software.
The Threat Posed by Third-Party Keyboards
Once installed, these keyboards require another setting to be enabled on the target’s iPhone, allowing them to collect a user’s data. By default, no keyboard on iOS is allowed to access the internet. Once this permission is enabled, the malicious keyboard can transmit all collected keystrokes, including chat messages, passwords, browsing history, OTP codes, bank credentials, and other sensitive information. Certo Software also reveals that these malicious keyboards closely resemble Apple’s default keyboard, making it difficult for users to identify them on their smartphones.
How Hackers Are Exploiting TestFlight
The security firm has disclosed that hackers are using Apple’s own platform, TestFlight, to distribute these malicious third-party keyboards. This means that unsuspecting individuals, including partners, friends, and family members, are vulnerable to having these keyboards installed on their iPhones without their knowledge.
Taking Precautions: Protecting Yourself from Malicious Software
Security experts assert that users can take measures to protect themselves from these malicious software. They can check for any unknown third-party keyboards installed on their iPhone by opening the Settings app and navigating to General > Keyboard > Keyboards. Here, they can identify any installed third-party keyboards and delete them if necessary. Additionally, if the TestFlight app appears on their phone, despite not having installed it themselves, this could be a sign that unauthorised software has been installed on their device.
Remaining Vigilant
Furthermore, users are advised to change their device passcode to ensure only they can access their phones. Seeking support from online resources is also recommended for those who suspect they are targets of stalkerware on their devices, including smartphones and computers.
Potential Solutions and Future Steps for Apple
Certo Software suggests that Apple could implement a notification system, similar to WhatsApp’s new login alert, to notify users when a new keyboard is installed on their smartphone. This could help users identify and remove any unauthorised keyboards promptly.
Conclusion
In light of this potential threat, it is crucial for iPhone users to remain vigilant and take necessary precautions to protect themselves from malicious third-party keyboards. By staying informed and proactive, users can safeguard their personal data and privacy from exploitation by stalkerware and other forms of malicious software.
