How to remove spyware from an iPhone or iPad


Lady using mobile phone

Unfortunately, removing spyware from an iPhone is often more challenging than simply deleting an app. This is because spyware hides deep in the device’s filesystem to try and avoid detection, which means removing the threat isn’t like uninstalling a regular app. However, the steps to rid your iPhone of spyware can be performed quite easily and do not require advanced technical knowledge. This article will guide you through 3 methods of removing iPhone spyware that anyone can do.

Award winning anti-spyware

Uncover and remove spyware and other cyber threats with Certo AntiSpy, the world's leading anti-spyware tool for iPhones.

How to tell if your iPhone has spyware

Concerned about iPhone spyware and want to find out if you’re affected? Before we get into the spyware removal steps, here are the top five things you look out for that may indicate someone is spying on your iPhone:

1. Battery drain

Spyware or stalkerware works by recording specific activity on your iPhone, such as the calls you make, texts your send, or photos you capture. For a spy app to record this information, it will also be active in the background, which can eat through your battery fairly quickly.

Phone batteries will naturally degrade over time. However, suppose you see a sudden drop in battery life. In that case, it could indicate that something is running in the background, and it’s certainly worth further investigation.

2. Overheating

Spy apps can take a lot of resources when active on your device. As such, they will typically make your device run a little hotter than normal. Of course, there are many reasons an iPhone may heat up, but it’s an important sign to look out for.

3. High data usage

Have you noticed higher-than-expected data usage on your device? Most spyware will send recorded data to the hacker using your WiFi or 4G/5G connection. So if you use your phone a lot and it’s infected with spyware, then your data usage will likely increase significantly.

Fortunately, on iPhone, it’s easy to see which apps are using your data. You can view the stats under Settings > Mobile Data.

4. Strange apps

Most iPhone spyware takes the form of a monitoring app. The advanced ones can be made entirely invisible, and you’ll need to run a spyware scan to uncover them. However, most are just like regular apps and can be identified by performing a quick visual audit of installed apps.

Watch out for apps hidden in folders. A common tactic used by cyber-stalkers is to hide spy apps in a ‘Utilities’ folder or other places where their victims may not look.

5. Unknown keyboards

A new type of spyware is emerging that captures everything your type into your keyboard. It takes the form of a custom keyboard on your device, which looks the same as the official Apple one, but gives a hacker direct access to your keystrokes.

This one is relatively easy to detect; just look for any unknown keyboards under Settings > General > Keyboard > Keyboards. By default, there should be two: ‘English (US)’ and ‘Emoji’.

How does spyware get on an iPhone?

There are a few ways spyware or stalkerware could find its way onto your device. It’s not something that happens by accident and, if affected, almost always means someone has physically tampered with your iPhone.

In this section, we’ll break down the five main tactics hackers use to spy on iPhones and how they can make it onto the device.

1. Hidden spy app

This type of spyware has been around for the longest and gives hackers unrestricted access to the victim’s iPhone. It can silently forward text messages, scoop up all of your photos, track your location and even turn on your microphone remotely.

Fortunately, it is one of the more difficult spyware types for hackers to use against iPhones since they would first need to jailbreak your phone. Usually, this is not possible if you have an up-to-date iOS version. If they did manage to jailbreak the iPhone, then all they would have to do is download a spy app and then hide it from view.

2. Keyloggers

We briefly discussed keyloggers above, but this relatively new spyware is becoming increasingly popular with cyberstalkers. This is mainly due to how easy it is to install on iPhone compared to other spying tools.

Keyloggers on iPhones typically take the form of a custom keyboard. For a hacker to install one of these, they would have to get hold of your phone for a few minutes to install the malicious keyboard and set it to default.

3. Tracking apps

The App Store is full of ‘Family Tracking’ apps. Unfortunately, while most of these apps are well-intentioned, cyberstalkers often misuse them to track their victim’s location.

For your device to be affected by a tracking app, the person responsible would have needed access to your device to download it from the App Store.

Pro Tip: Review the apps that have access to your location in the Settings app to see if you have any tracking apps installed.

4. Pegasus

Pegasus was first discovered in 2016 and is certainly on the more advanced end of the spyware spectrum. Developed by the Israeli cyber-arms company NSO Group, previous versions of Pegasus could infect an iPhone remotely just by sending a malicious link via SMS.

Pegasus has a hefty price tag (suspected millions of dollars), and it’s claimed that the spyware is only available to governments. As such, it’s highly unlikely that most iPhone users will ever encounter a targeted attack using Pegasus.

Pro Tip: If you’re worried about Pegasus or other more advanced iOS spyware, turn on Lockdown Mode on your iPhone. It adds an extra layer of protection against these sorts of attacks.

5. iCloud hacking

This type of hacking is not strictly iPhone spyware since no malware is actually installed on the device during the attack. However, it’s important to cover here, as iCloud hacking could be a way for a hacker to access some information from your iPhone if you sync data with iCloud.

In this attack, the hacker would log into your iCloud account and view or download any data you have synced from your device. However, we’re seeing this attack less and less, mainly due to security improvements made by Apple and two-factor authentication now mandatory for Apple IDs. Now, hackers need to know your Apple ID password and physically access a device linked to the account, making it a much more complex attack to pull off.

Stop hackers for good

Combat spyware and other cyber threats with Certo AntiSpy, the world's leading anti-spyware tool for iPhones and iPads.

How to remove spyware from an iPhone

If you’ve uncovered spyware on your iPhone, you’ll probably want to get rid of it immediately. Fortunately, you don’t need a degree in Cybersecurity to clean spyware from your device, and in most cases, you’ll be all done in a few minutes.

Below, we break down seven ways anyone can remove spyware from their iPhone safely and quickly.

1. Remove spyware with Certo AntiSpy

If you use Certo AntiSpy to check for spyware regularly, the option to remove threats is available directly in the app. Just click the “Remove” button next to any identified threats.

We’ll either remove the threat from your device entirely or give you detailed removal instructions specific to spyware found.

How to remove spyware from iPhone

2. Restart your device

It may sound incredibly simple, but restarting your iPhone can often remove many types of spyware from your device.

One of the most intrusive types of spyware relies on your iPhone being jailbroken to give a hacker remote access. However, if you restart your phone, most jailbreaks will be removed, rendering any installed spyware useless. The hacker would then need to find a way to get hold of your device again to re-run the jailbreak.

3. Do a software (iOS) update

Most iPhone spyware relies on out-of-date software, often containing security vulnerabilities. Therefore, ensuring you are running the latest version of iOS is vital for your phone’s security. Keeping updated has two main benefits for protecting against spyware:

Firstly, if there is spyware on your device right now that takes advantage of older security vulnerabilities, then it will be removed as soon as you update to a new iOS version.

Secondly, running the latest version of iOS restricts the options available to a potential hacker, making it much harder to compromise your device.

Pro Tip: Turn on Automatic Updates under Settings > Software Update to ensure you are always running the latest version of iOS.

4. Remove suspicious apps

If you prefer taking a more granular approach to threat removal, manually review all of the apps installed on your device and delete any that look suspicious. Also, remember to check app folders, as hackers often use these to keep their spy apps out of sight.

It’s worth noting that some types of spyware can be hidden from the iPhone’s Homescreen, meaning they could go unnoticed when performing a visual review of installed apps. Run a scan with Certo AntiSpy to find spy apps designed to be completely invisible.

5. Remove unknown Custom Keyboards

We talked about these in a little more detail above. However, if you have unrecognized custom keyboards on your iPhone, they could monitor everything you type and should be removed asap.

To do this, open the Settings app, go to General > Keyboard > Keyboards, and remove any you do not recognize.

Note: By default, there should be two: ‘English (US)’ and ‘Emoji’.

6. Change your Apple ID password

Some hackers will go after your iCloud account instead of targetting your iPhone with spyware. Unfortunately, it can be tricky to detect when someone has been accessing your data held on iCloud. Fortunately, it’s straightforward to protect your account from this attack.

Firstly, you’ll want to change the password for your Apple ID as soon as possible. Doing so will lock any hackers out of your account, meaning they’ll need to work out your new password re-gain access.

Pro Tip: Ensure 2 Factor Authentication is enabled for your Apple ID. If it’s turned on, your account and data are protected from unauthorized remote access, even if someone works out your Apple ID password.

7. Perform a factory reset

Although perhaps extreme, wiping all data from your device is a surefire way to clean your iPhone of any spyware. This method erases all data from the device and re-installs the latest iOS software, returning it to its original ‘factory’ state.

You should perform a backup of your device using iTunes, Finder or iCloud before doing a factory reset to allow all of your data to be restored later.

We recommend restoring your iPhone from a computer. Using the “Erase All Contents and Settings” option in the phone settings may break the device if you have a specific type of spyware. Restoring via a computer is the best way to ensure your device remains operational. To do the reset:

  1. Open iTunes on your PC or Finder on your Mac
  2. Connect your iOS device
  3. Select your iPhone when it appears
  4. In the Summary pane, click “Restore iPhone”
  5. Click “Restore” again to confirm
  6. The device will then restore to factory settings and restart. This can take several minutes to complete
  7. When completed, you can restore all of your data from a backup if you created one earlier.