Hackers bypass Apple’s checks to distribute malicious keyboards used to spy on users: Report

According to a report, iPhone users could be targeted by malicious keyboards that can bypass Apple’s stringent security checks to spy on user activity. While apps distributed through the App Store are tested by Apple, these third-party keyboards are installed through another means that allows developers to test their apps on iOS. Once installed, these keyboards can be used to secretly spy on a user and collect their sent messages, passwords, browsing history, bank credentials and any other text entered on the phone.

Security firm Certo Software reports Third-party keyboards are being distributed by hackers as ‘stalkerware’ – spyware apps or services that are used to monitor and stalk people online. Although it is difficult to distribute these malicious apps through the App Store because Apple scans these apps before they are published, hackers have reportedly started distributing these apps. test flight,

iOS Spyware Keyboard Comparison CertoSoftware iOS Spyware

Apple’s keyboard (left) compared with a malicious keyboard
Photo Credit: Certo Software

Apple’s TestFlight service is an online platform that allows developers to invite people to test unreleased software or run a beta test of their software before it is published on the App Store. According to Certo Software, hackers are using the same platform to distribute malicious third-party keyboards to people, which can then be installed on the iPhone of an unknowing partner, friend, or family member.

Once installed, the keyboard needs to enable another setting on the target’s iPhone that allows third-party keyboards to collect the user’s data. By default, any keyboard on iOS is not allowed to access the Internet. Once this permission is enabled, the keyboard is able to transmit all keystrokes collected – including chat messages, passwords, notes, browsing history, OTP codes, bank credentials and other information.

A screenshot of one of these keyboards shared by Certo Software shows how the malicious keyboard looks identical to Apple’s default keyboard, making it difficult for users to identify such apps on their smartphones. According to the firm, the data captured from the phone can be viewed by a stalker through a web portal.

iOS Spyware Keyboard CertoSoftware iOS Spyware

Information taken from a target’s phone can be viewed through a web portal
Photo Credit: Certo Software

The security firm suggests that Apple could implement a notification system – similar to WhatsApp’s new login alerts that are shown after a few hours – to notify users when a new keyboard is installed on their smartphone.

The security firm says users can protect themselves from this type of software by opening the Settings app and tapping General , keyboard , keyboard, You should see the name of the language you type in – for example, English (UK) – and the emoji. Any third-party keyboards you installed, like SwiftKey or Gboard, will also appear here. However, if you recognize an unknown keyboard here, you can use edit button to delete it immediately.

Another sign that unauthorized software has been installed on your phone without your permission is if you haven’t installed the TestFlight app on your phone, but found it in your App Library or Settings app. You can also change your device passcode to make sure only you can access your phone, and get help online resources If you suspect that you are the target of stalkerware on your devices including your smartphone or computer.


Affiliate links may be automatically generated – see our ethics statement for details.

(TagstoTranslate)iPhone third party keyboard spyware testflight hackers certificate software iPhone

Leave a comment