Skip to main content

My iPhone is being remotely controlled by a hacker! (and how to fix it)

Who is remotely controlling my iPhone???


This is a personal story that scared the hell out of me.

On Monday I was awoken by my iPhone alarm telling me that it was time to get up to go to work.   I picked up the phone and looked at the day's calendar.  Ug.  I put it back down in its dock for a couple more Z's.

Seconds later, I heard it clicking.

I looked at my phone, and it looked like someone was typing on it!  Click.  Then a swipe.  And then more clicks.  One of my business apps was being operated, but NO ONE was touching my iPhone!  I was sure that a Hacker was remotely operating my iPhone, digging around for my private data!

This was shocking.  My phone stores a lot of good stuff - my email, photos, finances, passwords and all sorts of other goodies.  If someone compromised my phone they could know where I am.  They could operate the cameras, the microphones - in short, they could know almost everything about me.

It looked like the hacker didn't know what he was doing - he was just bopping around.  Maybe he was just a kid in some far-off land searching for anything of value.  And in the end, I figured out EXACTLY who was to blame.

I quickly decided that immediate action was necessary.

First step: power it down

After taking a quick video of my phone being operated remotely (as evidence), I decided that I should prevent any further damage to my privacy.  I picked up the device and turned on airplane mode.  Then I powered it down.

Second step: wipe

I hooked my iPhone up to iTunes and chose "Backup" to ensure that evidence of the compromise was captured and that any of my remaining data was saved.  Then I performed an iPhone reset via iTunes - which wipes the device and re-installs a brand new copy of the operating system downloaded from Apple.  And then I chose to do a restore, using the logic that my data was OK, it was just a software compromise.

Third step: rebuild

During the restore I had the iPhone restore the apps from the iTunes store - over the air - again using the logic that my apps may have been compromised and there is nothing like getting the latest from iTunes.  I plugged my phone into my iPhone dock and let it pull down the apps wirelessly over WIFI.

Fourth step: passwords!

My phone was compromised, so someone could have got their hands on my passwords as I typed them (keyboard compromise) or by stealing them from poorly behaving app data stores.  So I hopped on my computer and proceeded to change dozens of key passwords (email accounts, Facebook, banking accounts, etc).

Fifth step: WTF!!!

So I was on my computer, in the midst of making my password changes, when I heard my phone clicking on its keyboard again. WTF???  My phone was STILL compromised!  Maybe the low-level firmware was compromised, and even wiping off iOS and all the apps wasn't good enough.  I picked up the phone, and whomever was remotely controlling it stopped!  Undoubtedly the hacker sensed my presence via the motion detector or the camera! VERY SCARY.

Sixth step: Eh?

Then I got to thinking, maybe it was NOBODY.  Maybe my screen was going bad, detecting false touches and swipes.  Hmmm.  I downloaded and installed a "finger paint" program to see what was happening.  Nothing interesting appeared on the screen.  And then I docked it my iPhone, and within in a few minutes, some crazy dots and lines started to appear all on their own, as shown below:
Crazy lines from Paint program

Seventh step: Dang

So I figured my iPhone was dying.  "Dang, out of warranty, still under contract" - this was not great timing.  Then I noticed that the phone was quite warm.  A little more investigation found the power adapter to be rather HOT.  I was running a cheap knockoff USB adapter for the past year - and a little test with a voltmeter showed the knock-off adapter to be providing chaotic power, from 3v to 9v.  Very far away from the 5 volts (±0.55) of the USB standard.

Dangerous knock-off power adapter was the problem all along!


Eighth step: The fix!

So I try all this on another AC adapter, and my "remotely controlled screen" problem completely goes away.  My phone wasn't compromised - it was a very bad (but very official looking) AC Power Adapter.  I chucked the crappy adapter and now I'm back in action.   Yay!

Lesson Learned!

It was all my fault - I bought and used a crappy 3rd party adapter.  It failed in a way that I could never see, and in a way that could have damaged your phone.  Always get a name brand adapter - at least you can go back to them if it damages your phone.  Luckily for me, I suffered no damage*** other than a few hours of paranoia and work.

*** UPDATE: Zapped volume buttons

Soon after this I noticed that my volume buttons stopped working.  I took the iPhone to the shop for repair.  Despite numerous attempts of a repair with new parts, the volume buttons couldn't be fixed.  It was a fault inside the logic board.  I blame the adapter for zapping my iPhone.  A sad story indeed.


Labels:

Popular posts from this blog

Fixing a SodaStream Jet, part 1: Disassembly Guide

I've had my SodaStream Jet for years, and once in a while something has gone wrong. Disassembly is the first step to repair.  Start with this article to see how to disassemble the SodaStream, and then once you have that down, scroll through my other articles to see how I repaired specfic SodaStream problems. SodaStream Jet Disassembly Guide Tools Required Flat head screwdriver Phillips head screwdriver 1. Remove the Carbonator.  Duh. 2. Remove the black panel lever The front big black tilt lever needs to be removed first. Removing this panel is tricky, but it isn't impossible. Looking up at the bottom of the black panel, there are two tabs, one on the left and one on the right. These tabs fully secure the panel in place. The trick is to use a flat-head screwdriver under the plastic to gently lever the tabs out of the way.  Note in the pictures how I approach these tabs with my screwdriver.  I usually release the left side first, and then I release ...
Read more

Porsche Key Remote Battery Repair Video How-To

We now live in the age where part of your life is spending time and money maintaining and repairing things like your car keys . My Porsche's remote key was getting weaker and weaker, until one day it stopped operating altogether. Keyless remote without the remoteness. Not so good. I was a bit fearful spending a sizable chunk of my time and money at the dealership to have such a small problem addressed, and so I decided that I would try to replace the battery myself. Items required A clear work surface A small flat blade screw driver. A quality lithium CR-2032 Battery, available here. Procedure The following video shows how I successfully opened up the key without breaking it, and replaced the alarm remote battery. In short, from the vantage point of the key's steel part facing away and the buttons facing up: I take a small screwdriver and press on the little plastic tab on the left side.  At the same time I use my fingers to start to pull the two halves apart.  From th...
Read more

Macintosh: Upgrading an eMac

It's been a long time since I wrote this article, but the fact remains: The good old eMac can still be useful if you take the simple steps to keep it as good as it can be.  All can run Tiger, and most can run Leopard - great operating systems for their day with a bit of useful life.  This article describes the procedure I used to upgrade my old eMac, including: Replacing the internal hard disk with a large capacity drive. Increasing the memory for performance Upgrading the operating system Here I'm upgrading a 700 MHz eMac, but the procedure and tasks for upgrading other eMac models should be almost identical. Upgrading versus Replacing My sister's eMac is of the 700 mhz variety, with 256 MB of memory. The machine seemed to be getting "slower", and the original 40 GB disk was becoming jammed packed with photos and iTunes, and within a few months she'd be out of disk space. There were two options to address the problems: upgrade the eMac, or go o...
Read more

Robust Installation of an HDHomeRun Networked TV Tuner. 64 OTA channels!

I added an HDHomerun (HDHR) over-the-air (OTA) streaming box to my home network, bringing over-the-air broadcast TV to my computers, phones and tablets.  The HDHR is a big upgrade from my previous setup: using a simple "window mount" antenna directly connected to my TV. A TV-attached antenna is good for watching some TV for free, but the HDHR offers so much more flexibility. Figure 0: HDHomeRun on my basement wall   My original OTA TV setup was haphazard at best. It was finicky, ugly, and hard for other people at home to use. I would actually tape my antenna to a window whenever I wanted to watch OTA TV. Plus, it only worked on my TV and not with my other devices. I wanted a cleaner and more modern OTA setup. After looking at possibilities, I developed two goals: (1) bring my OTA TV into the modern Internet-connected era, and (2) set it up in a reliable and pretty way so that other family members wouldn't have to fool around with the antenna or anything else.  With that,...
Read more

Fixing a SodaStream Jet, Repair #2 - Broken Fill Button

My Soda Stream Jet's fill button broke, which means I can not longer carbonate water by pressing the pushbutton. This caused all sorts of grief in my household. Here is how I managed to repair my Jet to give it another 10 years of life (hopefully). First, a look at the button The fill button on the top of the SodaStream is actually a simple lever. Pressing down on the button moves a pin that does the actual work of pressing open the Carbonator's valve. Unfortunately, the axis point is fairly thin and can see a lot of stress. That's where my Soda Stream button cracked. [ I think the usage tip here is "don't over-press the button like a gorilla, it doesn't do anything but put high stress on the button."] Cracked levering point of the button The Pesky Lever Retaining Pin The Fix It was pretty easy for me to replace the button: Take off the back of the Soda Stream and remove the carbonator. Push out the the button lever's steel retaining pin. This takes qu...
Read more

Adding a Water Flood Sensor to my Vista-20p alarm system

My Honeywell Vista 20p alarm system is fairly comprehensive, but I want one more feature: an alarm that lets me know when my sump pump isn't working properly. Here is how I added one for about $8 in special parts.   I'm afraid of a flood in my finished basement. I'm fortunate - my basement sump pump system is already redundant, with two independent pumps and two outflow pipes. The primary pump kicks in when the water level reaches 6 inches, and if that doesn't work, then the backup pump kicks in when the water level reaches 7 inches.  The backup pump should never kick in unless the primary pump is having a problem pumping.   But there is a problem with this setup: I might never know if my primary pump has failed, leaving me with no redundancy.  I want to be informed when I have one (or god forbid, two) pump failures. My goal is to have my Vista 20p alert me when the sump's water level is ever beyond the point where my primary pump should have kicked in, alertin...
Read more

Other Posts

Show more