Hackers Bypass Apple’s Checks to Deliver Malicious Keyboards Used to Spy on Users: Report

iPhone users could be targeted by malicious keyboards that can bypass Apple’s stringent security checks to spy on user activity, according to a report. While apps that are distributed via the App Store are checked by Apple, these third-party keyboards are installed via another avenue that allows developers to test their apps on iOS. Once installed, these keyboards can be used to discreetly spy on a user and collect their sent messages, passwords, browsing history, bank credentials, and any other text entered on the phone.

Security firm Certo Software reports that third-party keyboards are being distributed by hackers as a form of ‘stalkerware’ — spyware apps or services used to monitor and stalk people online. While it is difficult to distribute these malicious apps via the App Store as Apple scans these apps before they are published, hackers have reportedly begun distributing these apps via TestFlight.

Apple’s keyboard (left) compared with the malicious keyboard
Photo Credit: Certo Software


Apple’s TestFlight service is an online platform that allows developers to invite people to test out unreleased software or run beta tests of their software, before it is published to the App Store. According to Certo Software, hackers are using the same platform to distribute malicious third-party keyboards to people, which can then be installed on an iPhone belonging to an unsuspecting partner, friend, or family member.

Once installed, the keyboard requires another setting to be enabled on the target’s iPhone that allows third-party keyboards to collect a user’s data. By default, no keyboard on iOS is allowed to access the Internet. Once this permission is enabled, the keyboard is able to transmit all keystrokes that are collected — including chat messages, passwords, notes, browsing history, OTP codes, bank credentials, and other information.

A screenshot of one of these keyboards shared by Certo Software illustrates how similar the malicious keyboard appears to Apple’s default keyboard, making it difficult for users to identify such apps on their smartphone. Data captured from the phone can be viewed by a stalker via a web portal, according to the firm.

Information captured from a target’s phone can be viewed via a web portal
Photo Credit: Certo Software


The security firm points out that Apple could implement a notification system — similar to WhatsApp’s new login alert that is shown a few hours later — to notify users when a new keyboard is installed on their smartphone.

The security firm says that users can protect themselves from these kinds of software by opening the Settings app and tapping General > Keyboard > Keyboards. You should see the name of the language you type in, for example English (UK), and Emoji. Any third-party keyboards you have installed, like SwiftKey or Gboard, will also show up here. If you see any keyboards here that you do not recognise, you can use the Edit button to quickly delete them.

Another sign that unauthorised software has been installed on your phone is finding the TestFlight app in your App Library or in the Settings app when you have not installed it yourself. You can also change your device passcode to ensure only you can access your phone, and seek support from online resources if you suspect you are a target of stalkerware on your devices, including your smartphone or computer.
