Topic Malware Threats

Spyware Removal on Mac, iPhone, or iPad

Spyware specifically targeting Apple devices is rare, but it does exist. In our earlier articles, we covered all the common types of malware and how to deal with them.


Here, we’re taking a closer look at the murky world of spyware targeting Apple products. We’ll explore how spyware can infiltrate your iPhone, iPad, or Mac and exactly what you can do to amp up your immunity against it.

Let’s get into how iPhone spyware works

This is a kind of malware that installs itself on your device and surreptitiously monitors your online activity, relaying your data and personal information to other parties without your knowledge or consent. Pretty creepy stuff, all in all.


iPhone spyware comes in a few different forms. There are common-or-garden-variety spyware apps, as well as iCloud spyware attacks (where hackers figure out your iCloud login details, then snoop on your online activity).


Most insidious of all, however are masque attacks, where a spyware program poses as an update to a reputable app you’ve previously installed on your device.


Before we dive in any further, though, let’s start with a bit of history...

The very first iPhone spyware

Back in 2017, the very first spyware capable of hacking iPhones and iPads was discovered by one of its initial targets, a human rights activist from the United Arab Emirates called Ahmed Mansoor. In spite of Apple’s stringent cyber security capabilities, the Pegasus spyware was able to capitalise on an unknown vulnerability within iOS, jailbreak Apple devices and secretly surveil users.


Pegasus was able to log everything an iPhone does while remaining undetectable. It could read messages, emails, listen in on calls, take screenshots, pull browser history, contacts... the list goes on.

Can spyware still infiltrate Apple products?

Apple quickly issued a security update to patch up any vulnerabilities Pegasus uncovered, but Apple’s problem with spyware continues to this very day.


Just a few months ago, in fact, it was discovered that a paid app in the Mac App Store claiming to combat malware (called Adware Doctor) was actually a piece of spyware. It collected user data across different browsers, then sent it back to a server based in China.


Another spyware app, called Exodus, initially designed for Android devices, recently targeted hundreds of unsuspecting iPhone users.


Even more worryingly, a piece of stalkerware (that’s software that someone who knows you can buy to eavesdrop on your calls and intercept your messages) called mSpy, can also target iPhone users.


On the upside, Apple has recently started cracking down on spyware marketed as parental control apps and sold within the App Store.

Here’s how iPhone users can identify signs of a spyware infection

Most spyware programs are designed to run undetected by the user. This means you could be infected without even knowing.


That said, if your device is exhibiting these symptoms below, it’s possible a piece of spyware has managed to sneak its way in:

  • The Cydia app has been installed. If you haven’t previously jailbroken your device and you see this app, the presence of Cydia can tip you off to a potential spyware app.
  • You’re getting unusual SMS messages. Encrypted SMS message commands are usually how spyware remotely accesses and controls your iPhone. If mysterious, gibberish, code-type messages start appearing on your phone, now’s about the time to get alarmed.
  • Your iPhone battery is overheating. If you’re not on your phone and it remains hot for no apparent reason, there’s a good chance your mobile device has some sort of malware installed.
  • It’s also draining quickly. Experiencing a significant reduction in your battery power, even though you haven’t changed any settings or installed any new apps? This could well be a sign that your iPhone is infected with spyware.
  • You’re hearing background noise. Is your phone making static noises or echoing while you’re on a call? While isolated cases of this are usually due to a spotty connection, if you’re regularly hearing background noise, it could be a sign that somebody’s recording your call.
  • There’s unaccounted-for data usage. Spyware apps run 24/7 and consume a lot of data. If you notice a sudden spike in your usage patterns (and your phone bill), this could well be attributed to spyware or some other form of malware.
  • You discover an app that you don’t remember installing. To cross-check any unknown apps against your full list of installed apps from the App Store, simply tap the Apps icon at the bottom of the store, followed by your profile photo and Purchased.

How to remove spyware from your iOS device

1. Remove suspicious apps

On your iPhone, you’ll need to press and hold on to any app for a few seconds, until the apps start doing a little jiggly dance. Locate the spyware app, then delete it by tapping the little “x” icon in the upper left-hand corner.

2. Update your iOS to the latest version

Apple works tirelessly to implement extra layers of security to protect our devices from all types of malicious software. However, you’ll need to keep your device continually updated to benefit from the latest security updates and patches.

3. Physically secure your iPhone

While some spyware can be installed remotely, much of the time the perpetrator needs to have physical access to your iPhone. So make sure you have PIN codes or biometric authentication set up on all devices to avoid the risk of anyone tampering with them in person.

4. Change Apple ID password

If you suspect any signs of spyware on your iOS device - change the Apple ID password right away.

On your iOS device:

  1. Go to Settings
  2. Tap your name - navigate to the Password & Security tab
  3. Tap Change Password
  4. If signed into your iCloud with a passcode enabled, enter the passcode for your iOS device once prompted
  5. Follow the onscreen steps to change your Apple ID password

5. Turn on 2FA

If you haven't enabled 2FA (2-Factor Authentication) yet, do this to give your account an extra layer of protection.


When you sign into your personal account, 2FA will require you to enter an additional code previously generated and sent to your device. This way, no one will access your account information without entering this code.

6. Factory reset your iPhone

The least popular method. If none of the above-mentioned options worked - try to factory reset your iPhone.


If you’ve tried sniffing out the offending piece of spyware to no avail, fortunately, Apple has one easy-to-implement and possible last resort - the factory reset. Of course, this option is far from ideal if you’ve been less than diligent about backing up your important files in the past, which is why we usually recommend a hard restore if nothing else works.

Remove spyware from your Mac

1. Delete suspicious apps on your Mac

To remove apps:

  1. Click on Finder
  2. Select Applications
  3. Sift carefully through all of your installed apps for any that are unfamiliar or look suspicious to you. (If in doubt, a quick Google search should help you figure out if you’ve had spyware installed on your device.)
  4. Delete a suspicious app by dragging it to the Trash
  5. Empty the Trash
  6. Click anywhere on the desktop
  7. Click Go in the menu bar and press the Option key
  8. From the drop-down menu choose Library
  9. Type the app’s name in the search field and delete its leftovers

2. Add an extra layer of security to prevent future spyware infestations

A dedicated cybersecurity app for macOS as well as that scans files and apps in real-time for malware, such as Clario, can go a long way towards ensuring your Mac never gets infected again. To give Clario a shot, download our free 7-day trial (no credit card needed). 

Read more:

Keep reading

With our anti-malware on, viruses have no chance of passing through.

Download Clario
Click here to start installing

Run Application

Double-Click on MacKeeper.pkg

Click Continue