How can I tell if my iPhone 11 is hacked?

Teener17 wrote:

Yes I know that I wouldn’t understand the analytics in any way just curious if that meant anything. This wouldnt be a case where someone wants monetary gain it’s more likely that it’s just being strange and spying. That type of thing. I don’t think anyone I don’t know is doing it but when things change right before your eyes it’s hard to ignore when you are not doing anything to have it happen. I look online and try to do my research but I was also curious of different ideas on how I can have the phone looked at if I do not have a Apple Store in my area

If you still think your iPhone is hacked, contact Apple Support and ask them to run a remote diagnostics. They are the ones that can read your analytics and can tell you what it means.

Contact Apple Support - Apple Support

Teener17 wrote:

I guess I replied at 9:09am when it’s 12:10 . I’m new to iPhone so I am still learning but it’s hard to figure out at first. Not exactly the most technically inclined. Thank you for your response and not being rude.

If you’ve not already seen this Apple doc, here is the iPhone user guide: iPhone User Guide - Apple Support.

Asking “hey, why is [whatever detail you don’t understand]?” or ”where can I get info about [whatever]?” can work quite well. Starting with a conclusion — “hacked”, in this case — can sometimes delay getting answers, or can sometimes take discussions in unexpected directions.

Malware does exist for iPhone yes, but it’s been exceedingly expensive and targeted*, based on available reports. Most security compromises are due to password exposure and password re-use, due to phishing and related scams, and these password exposures then too often combined with Apple Accounts not having the last-chance two-factor authentication defense enabled.

Scams are very common. Scams are far more common than actually-hacked iPhones. Scams including fake claims of payments to Apple or other entities and other fake bills, the ever-popular fake “(3) viruses found!” fake virus scans, electronic toll scams, and the on-going “pervert” creative-writing scams, among many others. Here are a very few examples:

Recognize and avoid social engineering schemes including phishing messages, phony support calls, and other scams - Apple Support

As mentioned above, iPhone telemetry and related logs are just filled with ominous and scarily-worded and utterly benign diagnostics data, too. Malware goes out of its way to try to avoid leaving any traces in logs, too. That can include deleting the logs, which means you’re actually looking for, well, nothing in the log. But again, this stuff is rare, expensive, and targeted.

*If you’re an investigative journalist, political dissident, senior in government or private entities, with access to sensitive or classified data, active in military or defense or intelligence organizations, with access to great wealth, or have peeved a seriously wealth adversary (with budgets of many millions and billions of dollars), you can be targeted. The rest of us, not so much.

Please provide any screenshots that concern you as there has been nothing expressed that can be used to identify any problem. If you have no access to your Trusted Phone Number, you can certainly edit that number or add a different one including your device phone number. To edit the number go to Settings > [name on top] > Password & Security, and tap Edit on the Trusted Phone Number.

If you are using a Text App that has two factor authentication, then that has nothing to do with two factor authentication on your Apple Account. You would need to check with that service for any changes to two factor authentication. Apple provides Two Factor Authentication to secure your Apple Account, and if your account with another service has been compromised, then you will have to deal with them including changing the password for that service, which is not the same as your Apple Account. For example, a WhatsApp account can be compromised and someone else can sign into the service with your password and text people as if it was you and also read your texts. That does not mean your iPhone has been hacked or compromised, it simply means they know your WhatsApp password and likely gained it through a phishing message.

You are working in the right direction and some issues have been cleared up, such as seeing the model identifier in analytics showing 12,1 and you now know that is actually your iPhone 11 with that identifier. That should make you feel better with just that bit of knowledge.

We can explain your other concerns much better with screenshots to visualize what you are seeing. It is very difficult to provide assistance on suspicions.

Paragraphs are your friend, and everyone else's when they try to read your responses.

We see this pretty often on these forums. People who think one phone after another they buy has been immediately hacked. You cannot get them to see that the hacker is in their account, not their phone.

I was told by an ex who is a computer engineer working for apple that if you use someone’s WiFi they can access everything.

And he, or she, is wrong. You would have to grant access on a connection request before any such thing could happen. A person on the same router has no more access to your device than anyone sending you emails or text messages. You'd have to somehow get past iOS' defenses, first. And that's almost impossible.

We have two Macs, two iPads and two iPhones all connected to the same router in our home. Since all sharing options are off by default, I cannot see what's on any of the other devices through the router. Not even my own devices.

was I wrong for posting here.(?)

No. Asking questions is how we all learn.

You did not see an iPhone 12 in your analytics. What you saw was the model identifier of 12,1 which is YOUR iPhone 11. The problem is that you are reading the analytics and simply do not understand what they are telling you. They are not user friendly and not intended for user diagnosis. The only purpose is for Apple when they are requested by an Engineer after a support ticket has been opened for an issue you have reported. They may request the log files if they need additional information, but it is not the usual case.

The fact that you had a conversation with someone that may have an iPhone 12 and accused them of spying on you from the data you read from the analytic logs is the exact reason why you should not be reading them. The model identifier seen in the analytic logs is not the same as the device model number. The iPhone 12 would show a model identifier of 13,2 and the iPhone 12 Pro would show a model identifier of 13,3.

Stay away from the analytic logs and if you have a problem, then describe that issue only with as much detail as you can and you can also include screenshots to help visualize what you are seeing.

Kurt Lang wrote:

…

That it isn’t as complicated as some think with the proper equipment.

More nonsense and hogwash. There is a one-click attack to break into a phone. But again, this is software that costs one to two million dollars PER DEVICE to use. Is your data worth that much money?

A clarification: The zero- and one-one-click remote exploits for recent and current devices are very expensive and very rare, yes.

There are, however, available exploits, given physical access to iPhone 5s through iPhone X models.

The available exploits do not work on iPhone models with Apple A12 and later processors, which means the available exploits do not work for more recent iPhone (this including iPhone 11 models) running recent iOS versions.

It is this Apple A11 and earlier gear which the reports about “the proper equipment” will typically reference.

And there can be exploits against older iOS versions, as well.

First of all, your iPhone is most certainly not hacked. The only way your iPhone can be hacked is if it was physically jailbroken. Even so, that takes a lot of money and expertise to do so, and they don’t just target the average person.

Second, you should not be reading your iPhone’s analytics as they are only meant to be understood by Apple employees with special training and software. Analytics can have a lot of interesting things we don’t understand that may raise questions.

Third, whoever you were talking with that said they hacked your iPhone, they were just lying and were probably a scammer who was trying to get your personal information or card information.

I don't know who you're listening to, but you need to stop.

I know a couple people who have the capability to access devices.

They have no such special access. As already mentioned by myself and MrHoffman, direct access requires the use of extremely expensive nation-state developed software. Unless you have data that is only on your phone and is worth that much money to access, you are not a target.

Anyone who does access your data is anyone who knows (or manages to guess) both your Apple ID and password. With that information, they can login to your iCloud account as you from any other device and see everything you sync to iCloud. Contacts, Message, photos, etc. And that still doesn't give them access directly to your phone. Anything you don't sync to iCloud will not be visible.

That it isn’t as complicated as some think with the proper equipment.

More nonsense and hogwash. There is a one-click attack to break into a phone. But again, this is software that costs one to two million dollars PER DEVICE to use. Is your data worth that much money?

I also have to use someone else’s WiFi and I happened to go under the WiFi one day and I hit edit and another account popped up that I did not recognize.

Of course you did. You will see any devices on the same side of the router. And that still doesn't give them access to your phone.

So, I went through **** last year and just recent again with ALL my emails, two factor's , etc. changed and locked out of. I still had a working phone number appearing that way so I don't know how it was possible for passwords to be changed, two factor deleted, phone deleted, any associated email deleted and then Locked out of accounts because too many password changes and requires days to get it back while in the mean time, can't do anything on the phone, also means anything digital because everything requires sign in and verification.

This is long but my recent story that I thought someone hacked my phone too.... well what I think is they were able to get to my devices, all three apple phones, imac and MacBook, Dell and HP windows computers started with the Dell since its windows 10?? Or just the fact I used the same password a couple years ago for everything. Since changed due to last year lock out for almost a month and cause unlucky to have lock my phone in a Lyft in another state on way to airport!!!! Trying to port your number takes some time and having simple information as account number and making sure the sim isn't locked, no sim restrictions and if you can esim.

There isn't much you can really do except file police reports and notify ISP, Mobile provider, utilities, and more. I.E. Eventhough I had to wifi for two whole weeks, it said my usage was 500GB or 1 TB, but I brought it up and said they should look into it cause it caused them a customer cause I switched.

Amen

I've changed the lock to a electric combo lock.

[Edited by Moderator]

Your iPhone has not been hacked. Not unless you have data on it with a value of at least $100,000 (on the lowest end), since that's the minimum cost to try and directly access an iOS device.

Stop looking in the analytics. There's nothing there the user can make sense of. Even Apple runs them through an interpreter to make the results more human readable.

That you managed to find notations on the WiFi only means exactly what it says; you're using the same router. That's it.

Teener17 wrote:

I guess I replied at 9:09am when it’s 12:10 . I’m new to iPhone so I am still learning but it’s hard to figure out at first. Not exactly the most technically inclined. Thank you for your response and not being rude.

No worries, we are glad to have assisted you. You’re very welcome.