How can iPhones get a virus

iPad / iPhone Do I need a virus scanner on the iPhone?

display

Every PC user knows how important a virus scanner is. After all, security loopholes and attackers who smuggle in malware threaten the computer every day. Blackmail Trojans like Locky block computers and blackmail users, while other malware harms files or the computer itself. Accordingly, it seems to be logical to use virus scanners on the iPhone or iPad as well. However, this is not necessary. Why? Well there are several reasons:

This is why you don't need virus protection on your iPhone:

  1. Apple says you don't need a virus scanner: Apple is officially taking action against virus scanners in the App Store. In 2015 there was a big deletion threshold, in which all alleged antivirus solutions from Apple were thrown out of the store. Since then, well-known products have appeared in the store again and again - such as Norton or McAfee - but they are not virus scanners, but "security tools" with little added value.
  2. The iOS operating system is not suitable for virus scanners: But why does Apple have something against virus scanners? This is because, at best, they can achieve a placebo effect, in other words: they do not offer a safety bonus. A look at the construction of the iOS operating system provides an explanation: Each app runs in its own protected environment, a so-called sandbox. Virus scanners also work accordingly in a sandbox so that they cannot access other apps and the operating system. That makes them useless.
  3. There is only the App Store as a software source: In addition, Apple eliminated one of the main transmission paths for malware from the outset: Viruses and Trojans come in most cases through the installation of software on the Windows PC: This can be an installer disguised as a document or a manipulated setup file from a download Website or file sharing exchange. All things that are not possible on the iPhone - because software is only available from the App Store. After checking by Apple. Android devices, on the other hand, can access a large number of app stores that have been significantly poorly checked - the risk of a malware nestling here is much higher. Virus scanners for Android can therefore be quite useful.
  4. The iPhone market share is too small: If a pest infects a monoculture, it has an easy time of it - this is no different with computers than in agriculture. Accordingly, the great waves of viruses in the past were mostly linked to Windows PCs: With a 90 percent market share, the Windows system offers ideal possibilities for spreading and is therefore particularly interesting for attackers: The installed base has a similar update status, unpatched security gaps are wide open - and it is easy to infect a large number of computers quickly. With iOS, the global market share is around 20 percent - Android is a much more grateful target.
  5. Apple's iOS has additional security mechanisms: Despite all these security advantages, there are always app developers who try to integrate malware on a small scale. In the past, for example, there were apps that unauthorized access to the camera or copied address data. IOS now has security mechanisms for this: Every app must first ask for permission to access certain system functions or information - it is no different with malware from the App Store.
  6. A virus would be noticed: But even if a virus made it through a website and a security hole in the Safari browser, for example, it would probably be noticed: Today's attackers usually try to steal data, establish botnets or harvest bitcoins - and that can open up Smartphones are definitely noticeable because the system load and battery consumption increase. In addition, all Apple-related news gets around quickly: If an app or website were actually to deliver malware, it would be a hit for the countless Apple blogs and news sites. Apple also reacts quickly to such security vulnerabilities.

Does not apply to jailbroken iPhones

Apple's claim that iOS is a secure operating system is therefore entirely justified. Attackers hardly have a chance of depositing a virus or Trojan on the iPhone, at least by using the classic way of installing malware. Conversely, this makes antivirus software unnecessary. However, this only applies to iPhones and iPads in their original state. Those who carry out a jailbreak can easily catch a malware: On the one hand, because the jailbreak bypasses numerous security mechanisms of iOS due to the concept, on the other hand, because the Cydia store is basically open to every developer and there are no control mechanisms here. In addition, jailbreak iPhones cannot always be updated to the latest software version immediately - another risk factor. However, this can only be avoided with caution, because virus scanners are still not available for the iPhone.

The dangers lie elsewhere

But the classic virus is not the most important problem on the iPhone anyway: Phishing attacks, scareware advertising, fake competitions and recall rip-offs - all things that the iPhone cannot handle. Corresponding websites are usually only online for a few hours: Fake PayPal, Ebay, Amazon or online banking sites require the entry of the access data, usually via the threat of blocking the account via email or SMS - so-called phishing attacks. Or fake competitions access contact details that are later used for identity theft. Scareware advertising causes you to install an app that you did not want at all or to give up data that should actually remain with you (e.g. passwords) and call rip-offs collect several euros per minute when you call back while you are in a queue.

The only solution: attention

Unfortunately, there is currently no cure for this type of attack: Fake and phishing websites are rarely online longer, which is why warning systems (to be activated under Settings -> Safari -> Fraud warning) often come into effect too late. Only common sense and a check of the linked URL helps here when an e-mail prompts you to re-enter the account data: Serious providers such as Amazon, Paypal or Ebay do not proceed in this way anyway, they do not "lose" any account data and accordingly do not have to send any e-mails that ask for a new entry. With scareware, it often (but not always) helps to deactivate pop-ups (Settings -> Safari -> Block pop-ups). If you consider these measures, you should always be on the safe side.