Some people think iPhones never get viruses; in fact they do – but it’s very rare. Rather than an a virus, it’s more likely that you’re seeing a misbehaving advert in an app you use regularly, triggering behaviour that is intended to convince you that iOS is infected and you need to download an app to fix it, or redirecting you to a dodgy URL or a page on the App Store.
However, if you’re convinced that your iPhone or iPad has a virus, worm or other form of malware, read on to find out how to remove it, as well as how to avoid these problems in the first place.
How to find out if your iPhone has got a virus
Technically speaking, a virus is a piece of code that inserts itself into another program, whereas a worm is a standalone program in its own right; both seek to propagate themselves by hijacking messaging applications or via social engineering.
The iOS platform has seen a number of attacks that fit the first definition, when attackers have inserted malicious code into respectable apps or hijacked the developer tool used to create them. And although compromised apps should be caught at the App Store’s approval stage, those who have jailbroken their devices can download apps from other sources and may inadvertently install something dangerous.
In either case, however, iOS’s sandbox structure should prevent the malware attack from getting access to other applications (in order to spread itself) or to the underlying operating system.
What’s causing the problem?
The main questions when trying to work out what has happened to your malfunctioning iPhone or iPad are these:
Have you jailbroken your device? And if so, have you installed an application from a non-official source whose authenticity is questionable? If the answer to both is yes, you may have a malicious piece of software on your device, and should attempt to isolate and uninstall the culprit.
Does the unexpected behaviour manifest itself when you use certain apps only? If so – and particularly if it’s only one app – then you’re probably looking at an app-specific issue, and we’ll deal with this in a moment. Common behaviour exhibited by apps that have been hijacked include redirecting you to an unfamiliar web page in Safari, and opening the App Store without permission.
You may also be able to find the route of the problem using a dedicated antivirus app for iOS such as Bitdefender Mobile Security. This will then protect you from future security threats, and adds web protection, a VPN and remote lock and wipe.
If the problem continues to happen no matter which apps are open, the chances are that your device is misbehaving because of a hardware problem, or because of an iOS change that you’re not used to yet, or because you or another user of the device has changed a setting, perhaps inadvertently. It’s extremely unlikely that malware has penetrated to the heart of the operating system and is causing problems throughout the system; this would be essentially unprecedented. In any of these cases we would take the device to an Apple Genius Bar.
Is a compromised app causing the problem?
Rather than a virus affecting iOS itself, it’s possible that you’ve simply got a problem app.
This doesn’t necessarily mean the app is bad or that the developers are at fault; conversely, the fact that an app is legitimate or was made by a reputable company doesn’t mean it can’t be hijacked by malware or hackers.
Because hackers cannot break into iOS itself, one of their most common strategies is to crack a developer kit, which may in turn be used by unwitting app developers. The crooks thus gain the ability to redirect you to a dodgy website when you use the app which uses the compromised tool.
It’s usually obvious when one particular app is the culprit, because you only have problems when using it. The usual giveaway sign is that, when you’ve got that app open, you will periodically be redirected to a web page, or to the App Store, without your permission.
If you think one app is the problem, first of all have a look to see if an updated version of the app is available, since the problem may have been noticed and fixed. Also check the app’s website (if it has one) and/or the developers’ Twitter feed (if they have one) to see if the issue has been reported or discussed in those places. If the devs are contactable then you should report the issue to them; they may be able to offer a solution right away, but even if they can’t, they are more likely to find a fix if they know about it.
Assuming that updating the app doesn’t solve the problem, uninstall it and try to manage without for a while. If the problem disappears then you’ve found your culprit, and it’s time to decide if you can manage without the app in the long term. Even if you do decide to delete the app permanently, however, remember that you can check in with the developers from time to time and see if a satisfactory update has materialised.
Clear history and website data
Here’s a quick tip that may resolve web page redirect problems. Go to Settings > Safari > Clear History and Website Data, then tap Clear History and Data to confirm.
Power off and restart
Hold down the power button until the screen changes and the ‘slide to power off’ slider appears. (This should take about four to five seconds.) Then slide the slider so the phone powers down. The screen will turn black. (On an iPhone without a Home button, such as the iPhone 11 Pro, you’ll have to hold the power button and the volume down button at the same time.)
To restart the phone, hold down the power button again. This time it should take about 10 seconds. The Apple logo will appear; at this point you can let go of the power button. Wait until the passcode entry screen appears (you need to enter a passcode instead of using Touch ID/Face ID the first time you unlock a phone after powering up) and then unlock the device.
Has this fixed the problem? If not, you may need to take more drastic measures.
Restore your iPhone from backup
We trust that you back up your iPhone on a regular basis. If so, it’ll be easy to restore your iPhone from the most recent backup and see if the solution has been removed.
If this fails, you may have backed up the contents of your iPhone including the malware of other problem, so restore from the second most recent backup, then the one before that and so on. Hopefully you will find a backup that pre-dates the problem and you’ll be able to proceed from there.
Restore your iPhone as a new device
If none of your backups are malware-free, or the only backups that are malware-free are unusable for some other reason, then you may be better off starting from scratch.
Wipe your iPhone by going to Settings > General > Reset > Erase All Contents and Settings, then enter your passcode and confirm the process. Wait for the erasure to complete, and then set up the iPhone as a new device.
We describe this process in more depth in separate articles: How to reset an iPhone and How to set up a new iPhone.
Once you’ve completed setup you’ll need to reinstall the apps you want to use (although remember that if an app seems to be causing the problem you should try living without it for a while and see if things are better), reload songs, photos and videos and get the settings back to the way you like them. It’s a pain, but hopefully you’ll only need to do it this once.
How to protect your iPhone from malware
Update iOS or iPadOS regularly. We recommend not jailbreaking, and if you do, you need to be especially careful about the software you install and the sources you download it from. And be careful of ‘social engineering’ attacks – don’t open links if you’re unsure where they come from.
You may also want to invest in antivirus for your iPhone. If you already have antivirus for your Mac, the chances are good that it has an app for iPhone included in your subscription. Our recommendation for iPhone would be Bitdefender.
Further reading
That’s your lot, and hopefully after following the advice in this tutorial you’ll have either removed all malware from your iDevice or – more likely – received assurance that it was virus-free in the first place.
If you’re interested in learning more about this subject, we have several more articles that you may find helpful. In one we discuss the thorny question Do iPhones get viruses? As we’ve discussed in this article they do, but it’s very rare.
For more general advice on protecting yourself from hackers, malware writers and other miscreants, read our iPhone security tips.
Via MACWORLD