Hi guys,

Most people think that iOS is more secure than Android, and while this is true in some ways, it is not entirely true.

Yes, it is much harder to hack an iPhone remotely compared to an Android phone. It is next to impossible to install a spyware app (this does not include government spyware like Pegasus that uses different methods) onto an iPhone unless it is installed through the App Store. As you can imagine, Apple doesn’t let any spyware apps into their store. But what if the app developer remotely changes the app from a trusted app approved by Apple into a spy tool?

How can this be possible?
When a developer submits an app for approval by Apple, they have to jump through many hoops to have their app approved. In addition to dozens of automated tests, the approval process involves an Apple employee manually looking at the app to make sure it does what it says it does. They even look at the store description, both text and images. The approval process is long and ruthless, and they will not approve the app unless it is secure and robust.

So far, so good, but the problem is that once the app has been approved and is available for download, the developer can make changes to the app that include bug fixes and adding new features. Some of these changes do not go through the same approval process and are sometimes not checked. This is where an unscrupulous developer can make changes that can turn the app into a spy tool.

Security researcher Alex Kleber found seven apps in Apple’s App Store that can do this via a command and control server connected to the apps. You can read his full report HERE. Please check your phone, and if you have any of these apps installed, remove them immediately. Apple has removed them from the store, but this will not remove them from your phone, so please check immediately.

Please compare the app with the app developer name as well; otherwise, you could remove the wrong app with a similar name by mistake.

Here is the list:

  • PDF Reader for Adobe PDF Files
    By developer Sunnet Technology Inc
  • Word Writer Pro
    By developer Netozo Limited
  • Screen Recorder
    By developer Safeharbor Technology Ltd
  • Webcam Expert
    By developer Wildfire Technology Inc
  • Streaming Browser Video Player
    By developer Boulevard Technology Ltd
  • PDF Editor for Adobe Files
    By developer Planet Limited
  • PDF Reader Pro
    By developer Xu Lu

Other ways to protect yourself:

  • Only install apps from the official app store; before installing, check how many reviews the app has. (This is the most important thing to do.)
  • Never install an app from a website that you do not trust. You can use Incognito Website Checker, and we will tell you if it is safe or not.
  • During installation, pay attention to the requested permissions and do not grant any permissions that appear unnecessary for the app’s core functionality.
  • You can also use Incognito’s App Check tool to check what permissions an installed app already has on your device. If you use this feature, you will be stunned by some of your installed apps’ permissions. I suggest you use this tool to check what apps have permissions on your device. Does a torchlight app need to be able to make phone calls etc.?
  • Keep an eye on battery consumption; if your device goes dead fast, it is a clear sign of malware infection.
  • Also, keep an eye on network traffic volumes to identify any spikes as this can be a sign of malicious processes running in the background.

So there you have it, Apple is not as secure as you think. Stay vigilant.

All the best,

Max Roberts,
Incognito Privacy Care Team.