New iPhone Security Threat Lets Hackers Record Every Word You Type

hero phone 4925181 1920
Apple iPhone users should check whether their phone harbors an unassuming keyboard app in Settings. There's a new third-party keyboard that's designed to collect everything they type and send that information to cybercriminals.

British cybersecurity company Certo Software just detailed how keyboard-based iPhone spyware are on the rise. iOS is normally quite well-protected from security intrusions due to its more walled-off ecosystem. In fact, privacy and security is something Apple touts in pretty much all its launch events, but cybercriminals might have found a chink in the armor. 

With apps on the App Store being under tight scrutiny, normally requiring a deep vetting process before being available for download, hackers have found a new way of installing malicious keyboards to spy on people's iPhone activity. Basically once installed, the keyboards record every single thing the user types, which include messages, URLs, passwords, bank account information, and so on.

Traditionally, hackers were only able to install spyware on some kind of compromised iPhone (either one that's jailbroken or via access to the victim's iCloud account). Certo reports a new technique that uses TestFlight—a testing platform used by developers to test new iOS apps. Since TestFlight is NOT subjected to Apple's strict review process for apps in the App Store, all cybercriminals have to do is covertly install a small container app through TestFlight onto a victim's iPhone after which keylogging keyboards can be deployed. 

Real Vs Keylogger keyboard
Default iOS keyboard versus keylogger keyboard (Credit: Certo Software)

To the regular user, the malicious custom keyboard looks almost identical to the stock iOS keyboard. The keys are somewhat smaller on the perpetrating app, but that's only if you look hard enough. Once the keyboard is installed by the hacker, anything and everything the victim types can be collected and accessed from anywhere in the world.

To find out if your device is affected by this security threat, head over to Settings > General > Keyboard > Keyboards. There are normally two standard keyboards, one in your language (e.g. "English (US)") and the other would be "Emoji." If there's a third keyboard that you're quite certain you didn't install (especially one that has "Allow Full Access" activated), you need to delete it by tapping Edit, tapping the red minus icon, and then tapping Delete.