How to Detect Ransomware on iPhone or iPad


This How.com.vn article teaches you how to find clues that your iPhone or iPad is infected with ransomware. There’s only one thing to look out for: a demand for payment in exchange for your data or safety.

Part 1 of 3: Knowing If You Are Infected

  1. Look for your apps.
    If almost all of your apps are missing from your home screen, then you probably have ransomware on your iOS device. Note, however, that if your device is connected to an organization, the organization can manage your device remotely and hide all the apps except those related to your work at the company.
  2. Check your settings for a management profile.
    Go to Settings > General > Profiles and Device Management and look for any unknown management profiles. Most iOS devices cannot get ransomware. Ransomware is usually installed as an unremovable management profile from the Internet, sideloaded from an infected computer, or downloaded as the result of jailbreaking your iOS device.
  3. Watch out for push notifications from unknown apps.
    If your phone or tablet is infected, you’ll see a notification from an app that demands payment to give you back your data or security. These pop-ups may appear out of the blue, or they may occur when doing a specific action (like pressing the Home button).

    Most ransom messages on iPhone and iPad are scams and require no action. If you get a message in your browser informing you that your iPhone has been disabled, do not pay the ransom—instead, clear all browser data to remove the message. Similarly, if you get an SMS or iMessage informing you that your data has been encrypted, delete the message and report it as junk to Apple or 7726.

  4. Search for the message online.
    Ransomware holds your data for ransom until you pay up. If you don’t pay up, data in your phone or tablet will become encrypted, making it inaccessible. Try searching for the message you see in a search engine like Google to find out if other people have had success freeing their data.
  5. Do not pay to get your data back.
    Even if you pay, there’s no guarantee the ransomware will be removed. In fact, it may just reactivate. Instead, find a way to remove the ransomware from your iPhone or iPad, and be prudent in trying to prevent it in the future.
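
The management-profile check in step 2, as an added example that is not part of the original article: a Python script that reads an exported configuration profile (a .mobileconfig file) and flags the settings that deserve a closer look, such as a profile marked as not removable. The sample profile is constructed, and the finding labels are names chosen for this example.

```python
import plistlib

# Constructed sample profile; every identifier and URL below is made up.
SAMPLE_PROFILE = plistlib.dumps({
    "PayloadType": "Configuration",
    "PayloadIdentifier": "com.example.unknown-profile",
    "PayloadDisplayName": "System Update",
    "PayloadOrganization": "",
    "PayloadRemovalDisallowed": True,
    "PayloadContent": [
        {"PayloadType": "com.apple.mdm",
         "ServerURL": "https://mdm.example.invalid/checkin"},
        {"PayloadType": "com.apple.applicationaccess",
         "whitelistedAppBundleIDs": ["com.apple.mobilesafari"]},
    ],
})

def load_profile(raw: bytes) -> dict:
    """Parse a .mobileconfig; a signed profile wraps the XML plist in a CMS envelope."""
    start, end = raw.find(b"<?xml"), raw.rfind(b"</plist>")
    if start != -1 and end != -1:
        # Best-effort unwrap of the envelope; the signature is not verified here.
        raw = raw[start:end + len(b"</plist>")]
    return plistlib.loads(raw)

def review_profile(raw: bytes) -> list:
    """Return labels (names chosen for this example) for settings worth a closer look."""
    profile = load_profile(raw)
    findings = []
    if profile.get("PayloadRemovalDisallowed"):
        findings.append("removal-disallowed")   # user cannot remove it from Settings
    if not profile.get("PayloadOrganization"):
        findings.append("no-organization")      # nobody named as the issuer
    content = profile.get("PayloadContent")
    for payload in content if isinstance(content, list) else []:
        ptype = payload.get("PayloadType", "")
        if ptype == "com.apple.mdm":
            findings.append("mdm-enrollment")   # device would be remotely managed
        elif ptype == "com.apple.profileRemovalPassword":
            findings.append("removal-password") # removal needs a password
        elif ptype == "com.apple.applicationaccess" and any(
                key.endswith("AppBundleIDs") for key in payload):
            findings.append("hides-apps")       # restrictions list limiting visible apps
    return findings

if __name__ == "__main__":
    for label in review_profile(SAMPLE_PROFILE):
        print(label)
```

A profile issued by your own organization can legitimately trigger the same labels, so treat the output as a list of things to confirm with your IT department rather than as proof of infection.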
Part 2 of 3: Avoiding Ransomware

  1. Only install apps from the App Store.
    This is especially important if you’ve jailbroken your iPhone or iPad. Apps from the App Store are reviewed and vetted, so they should be safe for the most part.
    • Occasionally some rogue app may appear on the App Store. Apple usually catches these pretty quickly. Just be sure to read app reviews and stick to apps you’ve heard of.
  2. Back up your iPhone or iPad often.
    This way, if your phone or tablet does get infected, you can restore your data right away. See Back Up Your iPhone to get started.
  3. Always use the latest version of iOS.
    Apple updates usually include fixes to security issues that could make your iPhone or iPad vulnerable to malware (including ransomware). See Update iOS to learn how to get the latest version of the system.
  4. Never share personal information over email or text message.
    If you receive a request for this type of information, delete it immediately. Replying with info could open you up to phishing attacks.
Part 3 of 3: Removing Ransomware

  1. Attempt to remove management profiles.
    Go to Settings > General > Profiles and Device Management, then tap on the management profile to remove. Tap on "Remove Profile" at the bottom of the screen, then enter your passcode.
    • Some profiles cannot be removed, in which case, you will have to reinstall iOS.
  2. Back up your device.
    Unless your device is jailbroken or running an outdated version of iOS, the most ransomware can do is hide your apps or control settings on your device, not encrypt your data. You will be able to restore your device from backup after all is done.
  3. Power down your device.
    You may have to hard reset it.
  4. Connect your iPhone to your computer.
    Make sure that it is powered down.
  5. Enter DFU mode.
    To do so, follow these instructions:
    • iPhone 6 and earlier/iPad before 2018: Hold the power button for five seconds. Hold the home and power buttons for ten seconds. Release the power button, but continue holding the home button until the device is recognized by iTunes.
    • iPhone 7: Hold the power button for five seconds. Hold the volume down and power buttons for ten seconds. Release the power button, but continue holding the volume down button until the device is recognized by iTunes.
    • iPhone 8/iPad 2018 and later: Press the volume up button, then the volume down button, then the power button for five seconds. Hold the volume down and power buttons for ten seconds. Release the power button, but continue holding the volume down button until the device is recognized by iTunes.
  6. Choose "Restore [Device]..."
    This will reinstall iOS on your phone.
  7. Restore from an iCloud or iTunes backup when you are done.
    Your data should be intact. Note, however, that you will have to reinstall any apps that are not available on the App Store from their respective sources.

      Warnings

      • Never pay the ransom. There is no guarantee that doing so will actually remove the ransomware, and it is illegal in some countries. Also, it encourages hackers to continue making more ransomware.[1]
      • Always have a secure Apple ID password. Many hackers will attempt to lock your device with Find My Device to get you to pay up. If you do not have a secure Apple ID password, hackers can set a passcode on your iPhone, lock your Mac, or erase your device entirely, even if you have two-factor authentication enabled. If any of this happens, you will not be able to get your data back.
      About This Article

      Written by: Nicole Levine, MFA, How.com.vn Technology Writer
      This article was co-authored by How.com.vn staff writer, Nicole Levine, MFA. Nicole Levine is a Technology Writer and Editor for How.com.vn. She has more than 20 years of experience creating technical documentation and leading support teams at major web hosting and software companies. Nicole also holds an MFA in Creative Writing from Portland State University and teaches composition, fiction-writing, and zine-making at various institutions. This article has been viewed 35,922 times.
      Co-authors: 6
      Updated: March 6, 2024
      Categories: Computer Viruses
      Content from Wiki How English language website. Text is available under the Creative Commons Attribution-Share Alike License; additional terms may apply.