Hackers Breach iPhones Using Keyloggers in Virtual Keyboards

Recently, security experts discovered that hackers have found a way to bypass iPhone security systems using third-party keyboards. According to a report by Russell Kent-Payne from Certo Software, attackers are leveraging these keyboards to record private messages, browsing history, and even passwords from iPhone users.

This threat came to light after numerous reports of cyberstalking. During the investigation, it was found that all affected devices had malicious keyboards installed.

How the Attack Works

The default iOS keyboard appears on the left, while a custom keyboard acting as a keylogger is shown on the right.

What makes this attack unique is that hackers do not need to jailbreak the device or access iCloud. Instead, they use Apple’s TestFlight platform to distribute their keyboards, since apps on this platform do not undergo the same strict security checks as those in the App Store.

Once the malicious keyboard is installed through the device settings, hackers replace the standard iPhone keyboard with their own, which looks identical to the original. This keyboard can record everything the user types and send the data to the hackers’ servers.

How to Check and Protect Yourself

• To check if a malicious keyboard is installed on your iPhone, open Settings, go to the Keyboard section, and review the list of installed keyboards.
• If you find an unfamiliar keyboard with Full Access enabled, this could be a cause for concern. In this case, it is recommended to remove any suspicious keyboards.
• Consider using antivirus software for Mac that can scan your iPhone or iPad for malware. Note that this requires connecting your device to your Mac via USB.

As of now, Apple has not commented on this method of attack, but we will continue to monitor updates and keep you informed.