iPhones have a long-held reputation for being safe and secure when it comes to viruses and malware. While this is well-earned, no electronic device is completely safe from hackers and other digital ne’er-do-wells. So here’s how to find out if your iPhone has a virus and what you can do about it.
Has your iPhone got a virus?
First things first: It’s very unlikely that your iPhone is infected with a virus. For a more detailed look at this fascinating topic, read do iPhones get viruses? but we can briefly sum up the reasons why you’re probably in the clear.
The App Store vets all submitted software for potential threats, and while mistakes are occasionally made (there are literally millions of apps to check), this mostly keeps iOS free from nasty agents. In fact, the majority of successful malware attacks on iPhones have been directed at models that have been jailbroken, which gives the owner access to software that hasn’t been checked by Apple employees. Such unofficial app stores are far more likely to suffer from viruses and malware-laden apps. The good news in either case is that iOS’s sandbox structure should prevent the malware attack from getting access to other applications (in order to spread itself) or to the underlying operating system.
If you’re experiencing issues with performance in general, or with particular apps, this is far more likely to be caused by a bug than by a malicious threat, and these may be rectified by something as simple as restarting your device, or running available software updates. Should you still have suspicions after that, you can follow some of the steps outlined below to check for something more sinister.
One quite common problem we’ve heard of is people being inundated with calendar appointments and assuming that this means they have an iPhone Calendar Virus. There is no iPhone Calendar Virus and your calendar has not been hacked. What has most likely happened is a spam text message has caused appointments to be added to the calendar. We have a separate article that discusses how to remove spam from your iPhone’s Calendar.
Potential signs of malware on your iPhone
Malware and viruses don’t like to announce their presence, lest you become aware that they are on your system, but there are some quirks or abnormalities that can indicate they are at work. It’s worth remembering that some of the factors outlined below can usually be applicable to hardware problems or software glitches too, so if you see them it doesn’t automatically mean you have a virus.
Sudden drops in battery life
If your battery life takes a rapid decline, this could indicate that malware is using up system resources, which in turn is draining the power. Try checking your Battery Health in Settings > Battery > Battery Health & Charging to see if it’s a hardware problem or a potential infection.
Foundry
iPhone is getting hot for no reason
If you’ve ever played a graphically demanding game on your iPhone, you’ll know that all the computation involved can cause the device to get pretty hot. Should you see this behavior when the iPhone isn’t doing anything particularly taxing, it may be that a virus is running processes in the background. Try turning the device off and on to rule out a runaway app that needs resetting. If the behavior persists you should take it to an Apple Genius bar.
New apps you don’t remember installing
One clear indication that malware is present on your system is when you notice apps appearing that you didn’t install. It’s a good idea to uninstall them immediately and see if this helps fix other problems.
Apps frequently crashing
Again, this can be a problem with the system or potentially the memory in your iPhone, but it’s also possible that malware is causing certain apps to crash all the time. Try updating the apps to see if this helps.
Random pop-up messages
Receiving pop-up boxes out of the blue can be a sign that things are not well with your iPhone. These can be a way to trick you into giving permission for things, as the text you’re reading isn’t necessarily what you’re agreeing to. If you’re worried that something may be amiss, turn your iPhone off and back on again to see if the pop-up disappears.
Sudden increases in data or call use
Malware will often try to hijack your iPhone and make calls to premium numbers, send data or even take part in cryptocurrency mining, all of which will drain your data or give a nasty surprise when the phone bill arrives. If you spot this, there’s a very good chance your device is infected.
Digging deeper to find what’s causing the problem
The main questions when trying to work out what has happened to your malfunctioning iPhone or iPad are these:
Have you jailbroken your device?
If so, have you installed an application from a non-official source whose authenticity is questionable? If the answer to both is yes, you may have a malicious piece of software on your device and should attempt to isolate and uninstall the culprit.
Does the unexpected behavior manifest itself when you use certain apps only?
If this is the case–and particularly if it’s only one app–then you’re probably looking at an app-specific issue, and we’ll deal with this in due course. As a rule of thumb, common behavior exhibited by apps that have been hijacked include redirecting you to an unfamiliar web page in Safari, and opening the App Store without permission.
Does the unexpected behavior manifest itself when you use any app?
If the problem continues to occur no matter which apps are open, the chances are that your device is misbehaving because of a hardware problem, an iOS change that you’re not used to yet, or because you or another user of the device has changed a setting, perhaps inadvertently. It’s extremely unlikely that malware has penetrated to the heart of the operating system; this would be essentially unprecedented. In any of these cases we would take the device to an Apple Genius Bar.
Is a compromised app causing the problem?
Rather than a virus affecting iOS itself, it’s possible that you’ve simply got a problem app.
This doesn’t necessarily mean the app is bad or that the developers are at fault; conversely, the fact that an app is legitimate or was made by a reputable company doesn’t mean it can’t be hijacked by malware or hackers. Because hackers cannot break into iOS itself, one of their most common strategies is to crack a developer kit, which may in turn be used by unwitting app developers. The crooks thus gain the ability to redirect you to a dodgy website when you use the app that was built using the compromised tool.
It’s usually obvious when one particular app is the culprit, because you only have problems when using it. The usual giveaway sign is that, when you’ve got that app open, you will periodically be redirected to a web page, or to the App Store, without your permission.
If you think one app is the problem, first of all have a look to see if an updated version of the app is available, since the problem may have been noticed and fixed. Also check the app’s website (if it has one) and/or the developers’ Twitter feed (if they have one) to see if the issue has been reported or discussed in those places. If the devs are contactable then you should report the issue to them. They may be able to offer a solution right away, but even if they can’t, they are more likely to find a fix if they know about it.
Assuming that updating the app doesn’t solve the problem, uninstall it and try to manage without for a while. If the problem disappears then you’ve found your culprit, and it’s time to decide if you can manage without the app in the long term. Even if you do decide to delete the app permanently, however, remember that you can check in with the developers from time to time and see if a satisfactory update has materialized.
Clear history and website data
Here’s a quick tip that may resolve web page redirect problems. Go to Settings > Safari > Clear History and Website Data, then tap Clear History and Data to confirm.
Power off and restart
Another simple method to clear out a software problem is to power down your device and then restart it. This won’t necessarily get rid of a virus, but it can help if an app is playing up.
To do this, hold down the side button and volume up button until the screen changes and the ‘slide to power off’ slider appears. On an iPhone with Touch ID, you just need to hold down the power button until you see the slider. In either case this should take about four to five seconds. Finally, use the slider to power down the device.
To restart the phone, hold down the power button or side button again. This time it should take about 10 seconds. The Apple logo will appear; at this point you can let go of the button. Wait until the passcode entry screen appears (you need to enter a passcode instead of using Touch ID/Face ID the first time you unlock a phone after powering up) and then unlock the device.
Has this fixed the problem? If not, you may need to take more drastic measures.
Restore your iPhone from backup
We trust that you back up your iPhone on a regular basis. If so, it’ll be easy to restore your iPhone from the most recent backup and see if the problem is removed.
If this doesn’t work, you may have included the malware or other problem when you backed up the contents of your iPhone, so try restoring from the second most recent backup, then the one before that, and so on. Hopefully you will find a backup that pre-dates the problem and you’ll be able to proceed from there.
For a more detailed look at how to do this, read how to restore an iPhone from backup.
Restore your iPhone as a new device
If none of your backups are malware-free, or the only backups that are malware-free are unusable for some other reason, you may be better off starting from scratch.
Wipe your iPhone by going to Settings > General > Transfer or Reset iPhone > Erase All Contents and Settings, then enter your passcode and confirm the process. Wait for the erasure to complete, and then set up the iPhone as a new device.
Foundry
We describe this process in more depth in separate articles: How to reset an iPhone and How to set up a new iPhone.
Once you’ve completed setup you’ll need to reinstall the apps you want to use (although remember that if an app seemed to be causing the problem you should try living without it for a while and see if things are better), reload songs, photos and videos and get the settings back to the way you like them. It’s a pain, but hopefully you’ll only need to do it this once.
How to protect your iPhone from malware
Update iOS or iPadOS regularly. We recommend not jailbreaking, and if you do, you need to be especially careful about the software you install and the sources you download it from. And be careful of ‘social engineering’ attacks: don’t open links if you’re unsure where they come from.
Should I use antivirus software on my iPhone or iPad?
The sandboxed nature of iOS means that third-party apps don’t have the kind of system-wide access that is required to fully secure a device. Apple would of course argue that this is the reason why iOS is so secure.
Due to this, there isn’t much in the way of dedicated antivirus software for iPhone and iPad. There are some packages available, though, with one of our favorites being Bitdefender, which covers privacy controls, data use monitoring, warnings about potentially dodgy websites and VPNs to protect you when using public Wi-Fi. (On the latter front, check our roundup of the best iPhone VPNs for dedicated advice.)
The weakest part of any system, however, is usually the person using the device. Hackers these days often try to trick people into giving away information or logging into fake sites so they can harvest your data. Always remain vigilant when using your iPhone if you want to keep it secure. For more general advice on protecting yourself from hackers, malware writers and other miscreants, read our iPhone security tips.