Last week, several opposition leaders in India received an identical message on their iPhones. “State-sponsored attackers may be targeting your iPhone,” the message read.
Among the politicians who received the alert were Trinamool Congress MP Mahua Moitra; Asaduddin Owaisi, MP and chief of the All India Majlis-e-Ittehadul Muslimeen party; Shiv Sena MP Priyanka Chaturvedi; Congress leader Shashi Tharoor; and the Congress party's spokespersons, Pawan Khera and Supriya Shrinate.
However, Apple issued a statement on October 31 saying that it does not attribute “state-sponsored attack” alerts to any specific state-sponsored attacker. “It’s possible that some Apple threat notifications may be false alarms, or that some attacks are not detected. We are unable to provide information about what causes us to issue threat notifications, as that may help state-sponsored attackers adapt their behaviour to evade detection in the future,” the statement said.
The very idea of someone else infiltrating our smartphone can be truly unsettling. Furthermore, unlike Apple's iPhones, many Android phones are not built to alert users about potential remote breaches. BOOM spoke to experts who outlined potential indicators of a phone hack and offered advice on how to address such suspicions.
What are the potential signs of a hacked phone?
Speaking to BOOM, security researcher Sayaan Alam listed multiple signs that can indicate that a phone has been compromised. "These include unexplained battery drain, unusual data usage, and the presence of screen-sharing mobile applications such as TeamViewer or AnyDesk (when they are not consciously downloaded by the owner) on the phone. When we notice this unusual behaviour on our devices, it's essential to investigate further to determine whether the phone has been hacked," he said.
Adding to the list of suspicious signs, Ashish Jha, co-founder of Bluefire Redteam, a cybersecurity firm, told BOOM that the sudden disappearance of certain messages on our devices when we attempt to open them might indicate a potential hacking attempt.
He further added, "Many applications we download often request OTPs for verification purposes. Occasionally, these OTPs are automatically entered without manual input. This behaviour could be a potential red flag for a hack, as malicious apps employ this tactic to gain unauthorised access to our devices."
What are the ways in which a phone can be hacked?
According to Alam, phones can be hacked through the installation of malware and malicious apps, through phishing attacks, or even by someone gaining physical access to the device.
Talking about a recent case of a hacked phone, Alam explained, "A victim contacted me and told me that someone called them for Paytm KYC and asked them to install the AnyDesk application on their mobile. The person installed it as per the instruction and ended up losing all their documents and photos as the mobile phone was running itself from the scamster's end."
Highlighting the method most favoured by hackers nowadays, Jha said, "Sharing malicious links, in the garb of a photo editing app or an AI app, via social media has become exceedingly easy and popular now. These links get clicks very easily and in no time hackers get access to an individual's financial details."
Circulating malicious links via encrypted WhatsApp messages or embedding them in YouTube video descriptions is also very common. "For instance, you get a malicious PDF or any other media file on WhatsApp and you open it via a local file manager. This can also be used by hackers to gain access to your phone," said Jha.
Jha also cautioned against using unsecured free WiFi, as it can be used as a hacking tactic. He said, "Suppose you are travelling on a train and we usually have a habit of connecting to the free IRCTC WiFi. However, that WiFi connection could be a malicious one and just have the same name as IRCTC."
He told BOOM how to differentiate a secure WiFi connection from an insecure one. "Once you are connected to the unsecured WiFi and you try to search something on Google, one must be wary of the link which Google is fetching. If it is 'http' instead of 'https', then that is a sign of an unsecured WiFi."
How to respond to a suspected phone hack?
One should run antivirus software on the device at the slightest suspicion of hacking. Such software flags whether the device has been hacked. Talking about the subsequent steps, Alam advised isolating the device by disconnecting it from the internet immediately, checking for any unusual applications, and uninstalling them right away. "If the problem still persists, the victim should take a backup of their data and factory reset their mobile phone," he said.
Uninstalling the suspicious app is the default step. However, as Jha pointed out, one may not be able to uninstall it if it is a sophisticated application. "The best resort, in this case, is to factory reset it."
A factory reset of a phone, also known as a hard reset or master reset, is a process that erases all the data and settings on the device, restoring it to its original factory condition. The feature is available in the 'Settings' menu of every mobile phone.
The antivirus apps recommended by Jha include ESET Mobile Security, Malwarebytes, Norton Mobile Security, TotalAV and McAfee Total Protection.
In addition to the standard security practices that individuals should regularly adopt to enhance their protection against potential hacks, Alam suggested enabling two-factor authentication (2FA) on their accounts for added security and using encrypted messaging apps for private communications. "Keep a backup of your data regularly so that you don't lose your data in case of compromise," he added.