Most people believe that the difference between an Apple device and an Android device is that Android can pick up malware, but Apple devices are immune to it.
It’s an old idea that Windows and Android devices are insecure, while Macs and iPhones are immune to malware.
Viruses and Malware Defined
First, let’s define the term “virus” before moving on to the topic of iOS. A virus is anything that infects your computer’s operating system. As a result, you might hear the term “virus” used to refer to a piece of malware that’s trying to get into your
Malware is the standard catch-all term for malicious software. Viruses typically infect computers by installing software and then spreading infection by copying themselves to other machines.
Viruses, such as adware and spyware, that are infamous for their ability to drive you crazy by inundating your computer with advertisements and tracking data have been getting notoriety through rogue download sites and browser extensions.
To simplify our discussion, we’ll discuss the possibility of any kind of malware on iOS, not just actual viruses.
What Does iOS Do to Keep You Safe?
Let’s look at the features built into iOS to see why iOS typically doesn’t suffer from viruses.
App Store Controls
Apple’s infamous “walled garden” approach to iOS apps keeps its users safe. Unlike Android, where you can “sideload” apps you’ve downloaded from anywhere, the only official way to install iOS apps is through the App Store.
And in theory, this means that the millions of apps available are all safe. Apple reviews every app any developer submits to the App Store by hand. If it finds malicious code or dangerous behaviour, it rejects malicious apps.
This system isn’t perfect, but it weeds out the majority of dangerous apps that would otherwise be available for anyone to download.
iOS employs a security technique known as sandboxing to ensure that apps do not exceed their boundaries. This effectively prohibits any programme you instal from gaining access to data from other applications. Additionally, virtually all iOS apps operate under a restricted account.
Apps cannot alter system settings or cause harm without access to the root (administrator) account. This effectively implies that even if you do manage to instal a malicious application, it will not have total access to the operating system and its data.
Timely iOS Updates
Keeping your operating system up to date is one of the best ways to protect against malware. This is another area in which iOS has a huge advantage over Android.
When Apple releases a new version of iOS, all compatible devices get it right away. Look at the breakdown of iOS installations, and you’ll see that the majority of users run the latest version.
This isn’t the case with Android. A fragmented update cycle means that most users wait months for updates, and some never see them at all. Thus, by keeping their phones updated, iPhone users stay safe from old exploits.
Examples of iPhone Malware
We’ve established that iOS is secure for several reasons. Because of these factors, and due to Android’s widespread use, it’s no surprise that Android is the majority target of mobile malware.
But that doesn’t mean iOS is entirely invulnerable. Here are a few real examples of iPhone malware (the iPhone Wiki has even more):
- In early 2017, WikiLeaks released information on methods that the CIA had used to break into iOS devices. Apple stated that it had patched these.
- In September 2015, Apple revealed that hundreds of Chinese-made iOS apps were harbouring malware. It was due to developer using a counterfeit version of the development environment Xcode, which is available for free from Apple.
- Several developers in China downloaded altered copies of Xcode, known as XcodeGhost, and unknowingly injected malware into their apps. Apple removed the affected apps from the App Store.
- Before iOS 10.3, Safari was vulnerable to popup abuse. Malicious websites could spam dialogue boxes to lock up the browser, demanding payment via iTunes gift cards to unlock it. This didn’t actually lock the device, however, as savvy users could clear the browser cache to end the freeze.
- Xsser mRAT was a Trojan from late 2014 that could infect jailbroken devices and expose nearly all of their information.
These are just a handful of examples. And while none of these were horrific vulnerabilities that could affect every iPhone user, they still show that iOS isn’t impenetrable.
Problems Not Caused by Malware
Your iPhone can run into a few issues that seem like viruses, but really have nothing to do with them.
If your phone is running slowly, you probably need to free up some space or replace your battery due to Apple’s throttling. Seeing ads in Safari is an unfortunate reality of browsing the web, but most aren’t invasive or malicious.
And don’t forget about multi-device vulnerabilities like KRACK that affected iPhones before Apple patched them.
Jailbreaking Is a Security Risk
Thus, the ordinary iPhone user is unlikely to encounter viruses on their device. However, we have left out the most serious security risk for iOS users: jailbreaking. If you’re unfamiliar with jailbreaking, it enables you to obtain administrator rights on your iPhone in order to circumvent Apple’s limitations. On a jailbroken iPhone, you may instal applications from any source and customise the operating system in ways that are not normally possible.
While this provides you with more capabilities, it also significantly increases your exposure to attack. With fewer of Apple’s security measures in place, a jailbroken iPhone user may instal malicious applications or become a target of an attack.
Jailbreaking has declined in popularity, in part because iOS now allows users to accomplish more out of the box. Apple’s enhanced security has also played a role; developers must devise new methods to jailbreak each iOS release. Thus, jailbreaking is no longer worth the work or danger.
What About iOS Antivirus Apps?
You might wonder why the App Store has plenty of antivirus apps available if there’s little risk of malware on iOS. When you take a look at these apps, however, it’s evident that they really don’t provide any utility.
Apps like Lookout, Avira, and Norton don’t scan for viruses on your iPhone. They can’t do this due to the sandboxing we discussed earlier. Yet most offer a similar set of features, including:
- Phone locator and alarm
- Protection from dangerous websites
- Notifications about iOS updates
There’s one problem with this: you already have access to all these features!
The Find My iPhone feature is built into iOS and lets you locate your phone or sound an alarm. Safari and other iOS browsers display warnings if you visit shady sites. And you’ll see a badge on the Settings app when an iOS update is available.
Other features, like VPNs and monitoring your financial accounts, are best left to dedicated apps. While these “antivirus” apps aren’t malicious, they’re at best duplicates of existing features that you don’t need. But at least they offer some features.
Your iPhone Should Never Get Malware
Now that we’ve examined all the angles of malware on iOS, we can answer the question: can your iPhone get viruses?
Theoretically, malware might infect iPhones, but as long as you use caution and follow basic security precautions, your iPhone should remain virus-free. Keep your iPhone malware-free by not jailbreaking it, updating your iOS regularly, and only installing trustworthy applications. While it’s unlikely that you’ll come across an app tainted with malware like XcodeGhost, avoiding unknown developers and programmes can help you remain safe.