iOS Malware Stats and Facts

Many iOS owners have been hoodwinked into believing their iPhone or iPad is safe against malware. The reality is quite different. The latest research reveals that iOS malware is on the rise, which is why we have compiled the latest statistics and facts on iOS malware.

Understanding the latest iOS malware statistics helps increase awareness of threats to iPhones and iPads. iOS devices are not invulnerable to exploits, and taking iOS device security seriously is vital. This guide will help you learn the latest iOS malware statistics to better prepare yourself to secure your device.

1. New malware for iOS grew by more than 70% in 2020

According to a report by the antivirus company McAfee, iOS malware has increased rapidly in the last few years. It noted that in 2020, the amount of malware for iPhones and iPads went up by more than 70% compared to the year before, with a huge surge in the first quarter of the year. This trend is expected to continue as hackers focus on targeting all mobile internet users with malicious apps.

2. Since 2020 there has been a 50% rise in mobile banking

As consumers begin to use online banking apps more frequently, they are becoming increasingly victimized by cybercriminals seeking to defraud them. Malware variants like GoldPickaxe.iOS are sophisticated banking trojans designed to steal facial recognition data and identity documents and intercept SMS messages to gain unauthorized access to iOS victims’ banking accounts.

3. NSO Group sold Pegasus malware that hacks iOS devices

In 2016, news emerged that the Israeli surveillance tech company NSO Group had been selling a spyware package called Pegasus. On various occasions since then – including in 2021 and again in 2023 – Apple was forced to issue updates to patch vulnerabilities being exploited by Pegasus.

The Pegasus malware allowed NSO Group clients, often government agencies, to snoop on targets' iOS devices. The malware exploited a zero-day vulnerability in iOS that allowed threat actors to hide code within images sent via iMessage. These malicious messages delivered the Pegasus spyware, which took over the iPhone's functions and engaged in targeted surveillance.

Apple’s continuous updates and patches in response to these threats underscore the ongoing cat-and-mouse game between cybersecurity professionals and cybercriminals or espionage-focused actors. This highlights the challenges even the most secure platforms face in maintaining user privacy against state-level spyware tools.

4. Multi-stage social engineering scheme used to infect victims

According to the latest research from Group-IB, the Chinese hackers behind GoldPickaxe are using sophisticated multi-stage social engineering schemes to trick users into downloading Mobile Device Management (MDM) software. This software allows the hacker to update iOS software and device settings remotely. Cybercriminals can then install secondary payloads and take full control of the victim's iPhone or iPad.

5. Sideloading exposes iOS users to apps that contain malware

According to research by Apple, sideloading apps is a chief reason for malware infection among iOS users. Apple recommends not downloading apps through direct downloads or from third-party app stores. It also reminds users that actively supporting sideloading would “cripple the privacy and security protections that have made iPhone so secure and expose users to serious security risks.”

6. Apple has had to patch numerous iOS zero-day vulnerabilities

Although consumers have been encouraged to believe that Apple’s Mac devices and iOS are more secure, it’s important to acknowledge that Apple has had to patch several zero-day vulnerabilities over the past few years.

These vulnerabilities, if exploited by hackers, could allow unauthorized access to the device by bypassing iOS’s sandbox security measures. Apple actively releases patches to fix these types of vulnerabilities – which serves as a reminder that no system can be entirely immune to threats.

7. Only 28% of users worldwide are using iOS

According to Silent Breach, 97% of mobile malware affects Android rather than iOS users. Panda Security, by contrast, says that Android users are 50% more likely to be attacked than iOS users. While we can agree that Android is still more heavily attacked, these stats are partly influenced by the fact that 70% of mobile users worldwide use Android.

Don’t let these stats give you a false sense of confidence. Security experts agree that iOS threats are growing.

8. The number of dangerous third-party iOS app stores is growing

Guardsquare says a search for “alternative iOS app store” returns more than 200 million results. This is a reminder of how easy it is to run into third-party app repositories known to contain cloned and malicious apps. These can seriously undermine the privacy and security of your iOS device.

9. The Apple App Store is vulnerable to malicious apps

According to Guardsquare, 2% of the top 1000 highest-grossing apps on the Apple App Store are scam apps. The security company claims those apps have amassed over $48 million in revenue.

This is a reminder that the Apple App Store is not completely invulnerable to malicious apps. We encourage you to carefully consider whether you need an app before installing it, as this will reduce the likelihood of installing a malicious one.

10. iOS apps can be bad for your privacy

Although iOS has a reputation for being better for user privacy, some apps may still have invasive permissions. Always consider the permissions required by each app you install.

Pressing the “Ask app not to track” button does not always guarantee that the app won’t continue to perform some tracking in the background. For example, the popular iOS game Subway Surfers has been found to send 29 different data points about an iPhone to a third-party advertising company.

11. iMessage can be the source of infections on iOS

According to Kaspersky’s Securelist, iOS users have been infected by messages received in the iMessage app. These messages carry an attachment containing the exploit. Once installed, the malware can communicate with a Command and Control (CnC) server that allows hackers to install secondary payloads and perform device takeover.

12. Jailbreaking an iOS device massively increases the chance of being victimized

DataProt reminds users that jailbreaking an iOS device can circumvent the walled garden approach to security in the iOS operating system. This increases the security risks associated with malicious apps and can increase the opportunity for hackers to gain root access to the device, all its apps, and all stored information.

13. Apple has warned users in 90+ countries of “Mercenary Spyware Attacks”

Apple warned iOS users in nearly 100 countries that it had noticed well-funded, state-sponsored attempts to compromise iPhone devices. According to Apple, these sophisticated attacks could allow hackers to “remotely compromise” an iPhone.

Apple previously released a feature called Lockdown Mode to allow users concerned about these kinds of sophisticated targeted attacks to add a stronger layer of security to their devices.