How to remove a virus from an iPad or iPhone
IOS malware is rare but not unknown. Here’s how to detect – and get rid of – viruses on your iPhone or iPad. David Price reports
Some people think iPhones never get viruses; in fact they do – but it’s very rare. Rather than an a virus, it’s more likely that you’re seeing a misbehaving advert in an app you use regularly, triggering behaviour that is intended to convince you that iOS is infected and you need to download an app to fix it, or redirecting you to a dodgy URL or a page on the App Store.
However, if you’re convinced that your iPhone or iPad has a virus, worm or other form of malware, read on to find out how to remove it, as well as how to avoid these problems in the first place.
How to find out if your iPhone has got a virus
Technically speaking, a virus is a piece of code that inserts itself into another program, whereas a worm is a standalone program in its own right; both seek to propagate themselves by hijacking messaging applications or via social engineering.
The iOS platform has seen a number of attacks that fit the first definition, when attackers have inserted malicious code into respectable apps or hijacked the developer tool used to create them. And although compromised apps should be caught at the App Store’s approval stage, those who have jailbroken their devices can download apps from other sources and may inadvertently install something dangerous.
In either case, however, iOS’s sandbox structure should prevent the malware attack from getting access to other applications (in order to spread itself) or to the underlying operating system.
What’s causing the problem?
The main questions when trying to work out what has happened to your malfunctioning iPhone or iPad are these:
Have you jailbroken your device? And if so, have you installed an application from a non-official source whose authenticity is questionable? If the answer to both is yes, you may have a malicious piece of software
on your device, and should attempt to isolate and uninstall the culprit.
Does the unexpected behaviour manifest itself when you use certain apps only? If so – and particularly if it’s only one app – then you’re probably looking at an app-specific issue, and we’ll deal with this in a moment. Common behaviour exhibited by apps that have been hijacked include redirecting you to an unfamiliar web page in Safari, and opening the App Store without permission.
You may also be able to find the route of the problem using a dedicated antivirus app for iOS such as Bitdefender Mobile Security ( fave.co/2Ty78p8).
This will then protect you from future security threats, and adds web protection, a VPN and remote lock and wipe.
If the problem continues to happen no matter which apps are open, the chances are that your device is misbehaving because of a hardware problem, or because of an iOS change that you’re not used to yet, or because you or another user of the device has changed a setting, perhaps inadvertently. It’s extremely unlikely that malware has penetrated to the heart of the operating system and is causing problems throughout the system; this would be essentially unprecedented. In any of these cases we would take the device to an Apple Genius Bar.
Is a compromised app causing the problem?
Rather than a virus affecting iOS itself, it’s possible that you’ve simply got a problem app. This doesn’t necessarily mean the app is bad or that the developers are at fault; conversely, the fact that an app is legitimate or was made by a reputable company doesn’t mean it can’t be hijacked by malware or hackers.
Because hackers cannot break into iOS itself, one of their most common strategies is to crack a developer kit, which may in turn be used by unwitting app developers. The crooks thus gain the ability to redirect you to a dodgy website when you use the app which uses the compromised tool.
It’s usually obvious when one particular app is the culprit, because you only have problems when using it. The usual giveaway sign is that, when you’ve got that app open, you will periodically be redirected to a web page, or to the App Store, without your permission.
If you think one app is the problem, first of all have a look to see if an updated version of the app is available, since the problem may have been noticed and fixed. Also check the app’s website (if it has one) and/or the developers’ Twitter feed (if they have one) to see if the issue has been reported or discussed in those places. If the developers are contactable, then you should report the issue to them; they may be able to offer a solution right away, but even if they can’t, they are more likely to find a fix if they know about it.
Assuming that updating the app doesn’t solve the problem, uninstall it and try to manage without for a while. If the problem disappears then you’ve found your culprit, and it’s time to decide if you can manage
without the app in the long term. Even if you do decide to delete the app permanently, however, remember that you can check in with the developers from time to time and see if a satisfactory update has materialized.
Clear history and website data
Here’s a quick tip that may resolve web page redirect problems. Go to Settings > Safari > Clear History and Website Data, then tap Clear History and Data to confirm.
Power off and restart
Hold down the power button until the screen changes and the ‘slide to power off’ slider appears. (This should take about four to five seconds.) Then slide the slider so the phone powers down. The screen will turn black. (On an iPhone without a Home button, such as the iPhone 11 Pro, you’ll have to hold the power button and the
volume down button at the same time.) To restart the phone, hold down the power button again. This time it should take about 10 seconds. The Apple logo will appear; at this point you can let go of the power button. Wait until the passcode entry screen appears (you need to enter a passcode instead of using Touch ID/Face ID the first time you unlock a phone after powering up) and then unlock the device.
Has this fixed the problem? If not, you may need to take more drastic measures.
Restore your iPhone from backup
We trust you regularly back up your iPhone. If so, it’ll be easy to restore your handset from the most recent backup and see if the solution has been removed.
If this fails, you may have backed up the contents of your iPhone including the malware of other problem, so restore from the second most recent backup, then the one before that and so on. Hopefully you will find a backup that predates the problem and you’ll be able to proceed from there.
Restore your iPhone as a new device
If none of your backups are malware-free, or the only backups that are malware-free are unusable for some other reason, then you may be better off starting from scratch.
Wipe your iPhone by going to Settings > General > Reset > Erase All Contents and Settings, then enter your passcode and confirm the process. Wait for the erasure to complete, and then set up the iPhone as a new device.
Once you’ve completed setup you’ll need to reinstall the apps you want to use (although remember that if an app seems to be causing the problem you should try living without it for a while and see if things are better), reload songs, photos and videos and get the settings back to the way you like them. It’s a pain, but hopefully you’ll only need to do it this once.
How to protect your iPhone from malware Update iOS or iPadOS regularly. We recommend not jailbreaking, and if you do, you need to be especially careful about the software you install and the sources you download it from. And be careful of ‘social engineering’ attacks – don’t open links if you’re unsure where they come from.