This month, we’ve been reporting on different spyware products available to hackers on the commercial market. These products are cheap, effective and most of the time, go completely unnoticed by the victim. Hackers use spyware to retrieve a wide range of different data types from a victim’s device. This could include sensitive information such as passwords, text messages, emails, etc. On top of that, using certain spyware, hackers could also gain the ability to copy data such as live video and photos from the phone’s camera or record phone calls, video calls and VOIP calls.
This is why we created Certo AntiSpy, because we want to ensure that you have the ability to keep you and your family safe from those who are looking to hack your devices. If you want to protect yourself from these types of threats, click here for more information.
In this article, we’re going to be looking at one of the most popular iPhone monitoring tools on the market. Not only does it allow a third party to steal data, but it’s worth noting the unique way in which it can be used to compromise a device’s security and the user’s privacy.
WebWatcher is one of the leading providers of iPhone monitoring tools. Their product, despite being marketed as a parental monitoring app, is often misused as spyware that allows someone to silently monitor and collect data from an iOS device.
The interesting thing about WebWatcher is the way an attacker uses it to access data from an iPhone.
Normally, a spyware product would require a hacker to jailbreak a device and install the spy app – a process that requires a certain level of technical ability and knowledge. This can also leave traces of foul play on the device that can be detected by software such as Certo AntiSpy. There is also the possibility that installing spyware on a jailbroken device will cause it to act strangely and affect regular performance.
With WebWatcher, nothing is installed on the phone. It instead uses a feature called “iTunes WiFi Sync”, which is an in-built iOS feature used to backup an iPhone to a user’s computer on the same network – as opposed to using a USB connection.
This feature is instead used by WebWatcher as a way to retrieve the data from the phone onto a computer on the same network. This could either be the attacker’s computer or the victim’s own computer. In addition to this, the hacker can also setup a feature that will cause the iPhone to automatically backup all of its data to the computer every time the phone is synced via the network (usually this is overnight, when connected to WiFi).
Here’s a rough idea of how it might look when a hacker uses WebWatcher to spy on a victim:
- Hacker purchases the WebWatcher software.
- Hacker downloads and installs the WebWatcher software onto the computer.
- Hacker then takes the victim’s phone and enables “iTunes WiFi Sync”. They also set up the phone to back up to the computer every night when the phone is on charge.
- The WebWatcher software will recognise the new phone backup data synced to the computer and will upload this information to the WebWatcher Servers.
- The hacker can then log into their WebWatcher account from anywhere in the world to view the contents of the victim’s phone at the time it was last backed up to the computer.
Because WebWatcher uses a legitimate iPhone feature and no malicious software is physically installed onto the device, this can make it especially hard to detect – particularly if you are not aware that this type of hack might have been implemented.
Is WiFi Sync Enabled?
One way to detect if WebWatcher might have been used for your phone is to see if the “iTunes WiFi Sync” feature is activated on your phone. Here’s how to do this:
On your device, go to Settings > General. If the “iTunes WiFi Sync” option is visible (check the images below) then your device is set up to automatically sync with a computer.
IMPORTANT NOTE: This method only applies to iOS 12 devices or older. Apple removed this option from the Settings app in iOS 13, meaning the “iTunes WiFi Sync” option will not show even if the feature is set up. To know for sure, keep reading…
SOLUTION – Scan with Certo AntiSpy
Certo AntiSpy can scan your iPhone for spyware and other security vulnerabilities that could put your personal data at risk. As part of this scan, Certo AntiSpy will check if the “iTunes WiFi Sync” feature is activated on your device and alert you if so. This method works for any iOS version.
So you’ve followed the steps in this guide to protect your iPhone from WebWatcher, but what about other iOS spyware? At Certo we’ve got you covered with Certo AntiSpy.
Our industry-leading software is the only tool for iOS that can detect a wide range of spyware attacks and can detect if your phone has been silently jailbroken – allowing you to keep your device and personal data safe.