May 10, 2016 by

New App Tells iPhone Users If Their Phone is Hacked


Although Apple’s security measures had left the FBI bewildered for months before the agency eventually cracked into the San Bernardino shooter’s iPhone with help from Grey-hat hackers, iPhones are oftentimes hacked and spied upon. Malicious actors routinely employ malware to break in and snoop in on targets.

A new iPhone application, simply titled System and Security Info will tell users if their device has been jailbroken, bringing in increased protection to iPhone users who may be oblivious to the fact that their iPhone is being snooped into.

Most malware runs quietly as a background process, leaving very few hints that the phone is compromised. Indeed, if iPhone users detected the malware, it’s easily removed. This is precisely why malware authors look to keep their malicious processes hidden.

Several spyware vendors like HackingTeam among others sell their products to law enforcement and government agencies to spy on phones. Companies like mSpy offer their products for parents who want to keep tabs on all activities on their children’s phones. For all of the above to occur, the snooping apps require one fundamental exploit, the jailbreak. It is only when iPhones are jailbroken that they can be spied upon.

Related read: Apple Claims Better Security with iOS 9, Gets Hacked before Its Release

Typically, a jailbreaking process involves modifying the device’s software so that the iPhone runs other software otherwise unauthorized by Apple. It takes less than half an hour and jailbreak software are freely available online.

Speaking to Gizmodo, German security researcher Stefan Esser who developed System and Security Info stated:

The biggest motivation behind [this app] is that these companies like FinFisher or HackingTeam that are selling iOS spy software to government and others, they usually require [their clients] to only use jailbroken phones.

“So,” he added, “the idea behind that is whoever is trying to spy on someone needs to get physical access to the device, jailbreak it, and then they can run the spying tools from HackingTeam or FinFisher.”

Other applications which detect if a phone is jailbroken typically look at certain files as indicators of a jailbreak. Files which can easily be deleted, to avoid suspicion.

Related read: iOS 9 Bug Allows Hackers to Bypass Lockscreen

However, the new application goes a few steps beyond to show the exact jailbreak used and also does an assessment of Apple’s normal security layers. In making sure they’re intact, the app validates the root partition that is protected from hackers and also checks if the code and signatures are signed and verified by Apple. The app even detects signatures that are tampered with.

If everything is green in the overview of the application, the user is in the clear.

Image credit: Pexels.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Apple Partners Allianz to Offer CyberCrime Insurance Perks

A new partnership between Apple, Cisco and insurance firm Allianz SE will see businesses using...

Read more arrow_forward

Happy New Year: Researcher Drops MacOS Zero-Day Root Access Kernel Exploit

To ring in the new year, a security researcher on New Year’s Day disclosed an unpatched security...

Read more arrow_forward

Apple Pushes Update to Fix Major Mac OS Vulnerability

Apple has issued an emergency patch after admitting to a major security flaw that enabled anyone to...

Read more arrow_forward