Many believe that you can’t get viruses on your iPhone from websites.
However, this myth has been thoroughly debunked.
For example, researchers from Google’s Project Zero discovered malicious websites that have successfully targeted iPhones for over two years. Attackers achieved this by exploiting vulnerabilities related to the mobile browser. If you visited one of the malicious websites, it was enough for the exploit server to infiltrate your device and install a monitoring implant, or spyware.
This spyware allowed hackers to gain unlimited access privileges and extract the following data:
- Messages from messenger apps such as Telegram, Skype, WhatsApp, and iMessage
- Mail messages from Gmail, Outlook, Yahoo and apps
- A history of your calls and SMS
- The device’s location if GPS is enabled
Furthermore, the contents of the data were transmitted in unencrypted, plain-text. This means that if your iPhone connected to a public W-Fi network, then everyone else can view your sensitive data such as messages, passwords, and more.
Does this mean iPhone threats are a thing of the past?
Apple’s developers fixed this in early February 2019, which means iPhones are protected from these specific vulnerabilities.
However, this event portrays how iPhones are not the invincible device that so many people think they are – and yes, iPhones can get viruses, even from websites. New vulnerabilities can pop up at any time, and it’s entirely possible for hackers to exploit them while security researchers never discover or patch them. Thus, you should always practice mobile security best practices.
- Always update your iOS to the latest version. The newest updates usually fix vulnerabilities that developers find.
- Be wary of unknown ads, e-mails, links, and messages.
- Don’t visit suspicious websites. Just because you have an iPhone doesn’t mean you can’t get infected.
In conclusion, iPhones can get viruses from visiting malicious websites. With that said, the number of potential viruses that could affect your iPhone is miniscule compared to the thousands of known viruses that could infect your PC. Still, new iOS vulnerabilities can appear at any time, so exercise caution.
Apple’s iOS system is well known for its closed security model, which takes a walled garden approach. This approach requires 3rd party apps to be thoroughly vetted before making it onto the App Store, protecting you from malicious apps.
As a result, this leads to people believing that iPhones can only get a virus if you download a malicious app from the App Store (if it even makes its way there), and that it is virtually impossible to get infected through Safari or another mobile browser. Of course, as we discussed above, we know that this is not true.
In contrast, Android devices are at greater risk of being infected by malware. First, while iOS is a closed system, Android’s operating system is open source, which allows hackers to tinker with the code and find vulnerabilities. Second, it’s the carriers – not Google – that choose when or if to patch the security updates on certain model phones. Phone makers can also put out modifications to the Android operating system, and if there’s a vulnerability in the code, then hackers can exploit that. This OS fragmentation creates a much more fertile environment for malware.