My iPhone is being remotely controlled by a hacker! (and how to fix it)

Who is remotely controlling my iPhone???

This is a personal story that scared the hell out of me.

On Monday I was awoken by my iPhone alarm telling me that it was time to get up to go to work.   I picked up the phone and looked at the day's calendar.  Ug.  I put it back down in its dock for a couple more Z's.

Seconds later, I heard it clicking.

I looked at my phone, and it looked like someone was typing on it!  Click.  Then a swipe.  And then more clicks.  One of my business apps was being operated, but NO ONE was touching my iPhone!  I was sure that a Hacker was remotely operating my iPhone, digging around for my private data!

This was shocking.  My phone stores a lot of good stuff - my email, photos, finances, passwords and all sorts of other goodies.  If someone compromised my phone they could know where I am.  They could operate the cameras, the microphones - in short, they could know almost everything about me.

It looked like the hacker didn't know what he was doing - he was just bopping around.  Maybe he was just a kid in some far-off land searching for anything of value.  And in the end, I figured out EXACTLY who was to blame.

I quickly decided that immediate action was necessary.

First step: power it down

After taking a quick video of my phone being operated remotely (as evidence), I decided that I should prevent any further damage to my privacy.  I picked up the device and turned on airplane mode.  Then I powered it down.

Second step: wipe

I hooked my iPhone up to iTunes and chose "Backup" to ensure that evidence of the compromise was captured and that any of my remaining data was saved.  Then I performed an iPhone reset via iTunes - which wipes the device and re-installs a brand new copy of the operating system downloaded from Apple.  And then I chose to do a restore, using the logic that my data was OK, it was just a software compromise.

Third step: rebuild

During the restore I had the iPhone restore the apps from the iTunes store - over the air - again using the logic that my apps may have been compromised and there is nothing like getting the latest from iTunes.  I plugged my phone into my iPhone dock and let it pull down the apps wirelessly over WIFI.

Fourth step: passwords!

My phone was compromised, so someone could have got their hands on my passwords as I typed them (keyboard compromise) or by stealing them from poorly behaving app data stores.  So I hopped on my computer and proceeded to change dozens of key passwords (email accounts, Facebook, banking accounts, etc).

Fifth step: WTF!!!

So I was on my computer, in the midst of making my password changes, when I heard my phone clicking on its keyboard again. WTF???  My phone was STILL compromised!  Maybe the low-level firmware was compromised, and even wiping off iOS and all the apps wasn't good enough.  I picked up the phone, and whomever was remotely controlling it stopped!  Undoubtedly the hacker sensed my presence via the motion detector or the camera! VERY SCARY.

Sixth step: Eh?

Then I got to thinking, maybe it was NOBODY.  Maybe my screen was going bad, detecting false touches and swipes.  Hmmm.  I downloaded and installed a "finger paint" program to see what was happening.  Nothing interesting appeared on the screen.  And then I docked it my iPhone, and within in a few minutes, some crazy dots and lines started to appear all on their own, as shown below:
Crazy lines from Paint program

Seventh step: Dang

So I figured my iPhone was dying.  "Dang, out of warranty, still under contract" - this was not great timing.  Then I noticed that the phone was quite warm.  A little more investigation found the power adapter to be rather HOT.  I was running a cheap knockoff USB adapter for the past year - and a little test with a voltmeter showed the knock-off adapter to be providing chaotic power, from 3v to 9v.  Very far away from the 5 volts (±0.55) of the USB standard.

Dangerous knock-off power adapter was the problem all along!

Eighth step: The fix!

So I try all this on another AC adapter, and my "remotely controlled screen" problem completely goes away.  My phone wasn't compromised - it was a very bad (but very official looking) AC Power Adapter.  I chucked the crappy adapter and now I'm back in action.   Yay!

Lesson Learned!

It was all my fault - I bought and used a crappy 3rd party adapter.  It failed in a way that I could never see, and in a way that could have damaged your phone.  Always get a name brand adapter - at least you can go back to them if it damages your phone.  Luckily for me, I suffered no damage*** other than a few hours of paranoia and work.

*** UPDATE: Zapped volume buttons

Soon after this I noticed that my volume buttons stopped working.  I took the iPhone to the shop for repair.  Despite numerous attempts of a repair with new parts, the volume buttons couldn't be fixed.  It was a fault inside the logic board.  I blame the adapter for zapping my iPhone.  A sad story indeed.

No comments:

EasyN WiFi Camera Firmware Upgrade

I wanted to upgrade the firmware of my EasyN WiFi camera.  I just like to keep my firmware up to date.  I am sure it is a security sieve no...