Hackers Find New Vulnerability in iOS, Allowing Keyboard Spying
A troubling new vulnerability in iOS has been discovered, allowing hackers to spy on users through their keyboard. Certo Software released a report revealing how cybercriminals are avoiding Apple’s stringent security measures to steal personal information.
The method hackers are using involves installing a third-party keyboard with a keylogger into iPhones. They disguise the keylogger within a small app and use Apple’s TestFlight tool for app developers to bypass Apple’s security checks. The goal is for users to download these apps, unknowingly turning over their own information to hackers.
But how are hackers using TestFlight to steal your information? TestFlight is Apple’s top developer tool, providing a space for developers to upload unfinished versions of apps and send links to testers. However, security concerns arise as hackers install a small app containing a custom keyboard with a keylogger, then using TestFlight to access the app and install the custom keyboard on users’ iPhones.
This malicious keyboard looks nearly identical to the iPhone’s default keyboard, making it difficult for users to detect if they are using a compromised keyboard. To protect yourself, it’s important to check your keyboard settings in iOS regularly and delete any unfamiliar keyboards.
In addition, there are proactive steps you can take to protect your iPhone from keyboard spying attacks. These include only downloading apps from official app stores or reputable developers, being cautious when using TestFlight, regularly checking and deleting suspicious keyboards, updating to the latest iOS version, and installing antivirus software on all devices.
If you suspect that you have been a victim of a keyboard spying attack, immediate action should be taken to minimize the damage and secure your device. This includes changing passwords, monitoring accounts and transactions, contacting your bank and credit card companies, alerting contacts, restoring your device to factory settings, and using identity theft protection.
With hundreds of potential ways for hackers to steal personal information, being cautious about app downloads and keeping an eye out for malicious software can help reduce the risk of falling victim to cyberattacks. What are your thoughts on tech companies’ responsibility to protect users from security breaches? Let us know by visiting Cyberguy.com/Contact.