Certo AntiSpy vs iVerify- What Is the Best Tool to Detect Spyware on iPhones?

Sophia Taylor

By Sophia Taylor

Updated:

If you are an iPhone user concerned about spyware, you may have noticed that while there are many iOS security apps available, hardly any of them claim to offer spyware or threat detection.  

Two that do promise this capability are iVerify or Certo AntiSpy and we wanted to see how the two products stack up against today’s most common iOS threats. iVerify is an app downloadable from the App Store that is installed onto the iPhone. Certo AntiSpy is installed onto a computer and scans the iPhone over a USB connection.

We ran scans using both tools against test devices infected with 3 of the most common types of iOS spyware and the results are in!

1. FlexiSpy (Hidden spy app)

What is it and how does it work?

This type of iOS spyware is the most powerful and pervasive, and it is also the one that has been around the longest. In order to download and use FlexiSpy, the victim’s iPhone must be jailbroken. Jailbreaking is the process of removing security restrictions put in place by Apple in order to make changes to the iPhone, or allow non-approved apps to be installed.

Once an iPhone is jailbroken, the perpetrator can install the FlexiSpy app which will allow them to remotely monitor all activity from the device including calls, messages, photos and location, as well as remotely turning on the microphone or camera.

The Test:

As it is not currently possible to jailbreak a device running the most up-to-date version of iOS, we conducted the test using a device with an older version of Apple’s software.

To begin with, we performed a jailbreak on a test iPhone 8 running iOS 13.7. We did this using the Unc0ver jailbreak tool. Next, we installed the FlexiSpy spyware app. This device was then scanned with both iVerify and Certo AntiSpy.

The Results:

iVerify – The iVerify app was able to detect that a jailbreak had been performed but not the installation of spyware. This is because iOS apps like iVerify cannot access the full filesystem of the device, and so will not have access to the areas of the phone where the spyware, such as FlexiSpy, is hiding.

Certo AntiSpy – Certo AntiSpy detected the jailbreak and specified the tool used to perform the jailbreak. It also flagged the presence of spyware and was able to give details of the specific spyware program that was installed.


2. Highster (Keylogger)

What is it and how does it work?

This type of iOS spyware is relatively new and takes the form of a keylogger. A keylogger is a piece of software that captures all keystrokes on your mobile device. This will include passwords, text messages, emails, social media posts, messages and comments and even messages that have been typed and not sent.

Keylogging spyware is increasing in popularity, as it can be installed without the need to jailbreak the victim’s iPhone, making it easier and quicker to install than other forms of iOS spyware.

The Test:

To run this test we installed a keylogger in the form of a custom keyboard, from the iPhone monitoring company Highster onto a test iPhone 12 mini running iOS 15.5. We then ran a scan with both iVerify and Certo AntiSpy.

The Results:

iVerify – iVerify failed to identify the keylogger or give any warning or indication that the device may be compromised.

Certo AntiSpy – Certo AntiSpy detected the presence of the keylogger and identified the program as Highster.


3. WebWatcher (WiFi Sync)

What is it and how does it work?

As iPhones have become more secure, spyware developers have become more creative. Webwatcher is a type of spyware that works slightly differently, in that it does not require anything to be installed on the device itself. Instead the hacker must get a hold of the device and configure it to backup all of its data over WiFi to a nearby local computer at regular intervals. Essentially creating a complete copy of the victim’s entire device on the computer. It is this computer, usually belonging to the perpetrator, that contains a small WebWatcher app that will log all of the data from the backup, and present it to the hacker in a neatly presented report.

The Test:

To run this test we set up an iPhone 12 mini running iOS 15.5 to backup over WiFi to a nearby computer that contained the WebWatcher software. We then scanned the iPhone with iVerify and Certo AntiSpy.

The Results:

iVerify – iVerify failed to detect any sign that the device may have been compromised. It did not report any issues with the device and could not detect that it was set up to backup to a computer over WiFi.

Note: iVerify does have a section of the app that explains that WiFi Sync should be disabled if you do not use this feature, but the app itself is not able to tell if it’s been turned on.

Certo AntiSpy – Certo AntiSpy detected that WiFi Sync was enabled. It then explains what this means and gives the user the option of turning WiFi Sync off immediately. Therefore preventing any further backups and stopping the spyware from working.


The Verdict

In conclusion, Certo AntiSpy outperformed iVerify in all 3 iPhone spyware detection tests, making it the clear winner here.

This is not to say that iVerify is not a useful app, it certainly has a place and can offer some useful information around optimizing your settings for security. It also detected the jailbreak, which is a prerequisite for many types of traditional iPhone spyware.

However, owing to restrictions put in place for apps on Apple devices, iVerify does not have the capability to detect most threats on iOS. Even though it was able to detect the jailbreak, it was not able to find the FlexiSpy spyware itself. It also failed to find the keylogger, or flag that WiFi sync had been enabled.

Certo AntiSpy takes a unique approach to threat detection on an iOS device. By running Certo AntiSpy on a computer and analyzing the iPhone over USB it benefits from full access to the device, allowing it to scan any and all areas where spyware might be hiding. It can also identify how settings are configured and where this could make a device more vulnerable. This results in a more thorough and accurate scan than is possible with an iOS app.

If you’d like to learn more about Certo AntiSpy or iVerify you can follow the links below:

Certo AntiSpy by Certo Software

iVerify by Trail of Bits

Cover Image by Freepik