How to Detect Ransomware on iPhone or iPad

PDF download Download Article
PDF download Download Article

This wikiHow teaches you how to find clues that your iPhone or iPad is infected with ransomware. There’s only one thing to look out for—a demand for payment in exchange for your data or safety.

Part 1
Part 1 of 3:

Knowing If You Are Infected

PDF download Download Article
  1. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/a\/a1\/Detect-Ransomware-on-iPhone-or-iPad-Step-1-Version-3.jpg\/v4-460px-Detect-Ransomware-on-iPhone-or-iPad-Step-1-Version-3.jpg","bigUrl":"\/images\/thumb\/a\/a1\/Detect-Ransomware-on-iPhone-or-iPad-Step-1-Version-3.jpg\/aid9997106-v4-728px-Detect-Ransomware-on-iPhone-or-iPad-Step-1-Version-3.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    If almost all of your apps are missing from your home screen, then you probably have ransomware on your iOS device. Note, however, if your device is connected to an organization, they can manage your device remotely and hide all the apps except those related to your work at the company.
  2. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/b\/b0\/Detect-Ransomware-on-iPhone-or-iPad-Step-2-Version-3.jpg\/v4-460px-Detect-Ransomware-on-iPhone-or-iPad-Step-2-Version-3.jpg","bigUrl":"\/images\/thumb\/b\/b0\/Detect-Ransomware-on-iPhone-or-iPad-Step-2-Version-3.jpg\/aid9997106-v4-728px-Detect-Ransomware-on-iPhone-or-iPad-Step-2-Version-3.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    Go to Settings > General > Profiles and Device Management and look for any unknown management profiles. Most iOS devices cannot get ransomware. Ransomware is usually installed as an unremovable management profile from the Internet, sideloaded from an infected computer, or downloaded as the result of jailbreaking your iOS device.
    Advertisement
  3. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/8\/8b\/Detect-Ransomware-on-iPhone-or-iPad-Step-3-Version-3.jpg\/v4-460px-Detect-Ransomware-on-iPhone-or-iPad-Step-3-Version-3.jpg","bigUrl":"\/images\/thumb\/8\/8b\/Detect-Ransomware-on-iPhone-or-iPad-Step-3-Version-3.jpg\/aid9997106-v4-728px-Detect-Ransomware-on-iPhone-or-iPad-Step-3-Version-3.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    If your phone or tablet is infected, you’ll see a notification from an app that demands payment to give you back your data or security. These pop-ups may appear out of the blue, or they may occur when doing a specific action (like pressing the Home button).

    Most ransom messages on iPhone and iPad are scams and require no action. If you get a message in your browser informing you that your iPhone has been disabled, do not pay the ransom—instead, clear all browser data to remove the message. Similarly, if you get an SMS or iMessage informing you that your data has been encrypted, delete the message and report it as junk to Apple or 7726.

  4. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/4\/47\/Detect-Ransomware-on-iPhone-or-iPad-Step-4-Version-3.jpg\/v4-460px-Detect-Ransomware-on-iPhone-or-iPad-Step-4-Version-3.jpg","bigUrl":"\/images\/thumb\/4\/47\/Detect-Ransomware-on-iPhone-or-iPad-Step-4-Version-3.jpg\/aid9997106-v4-728px-Detect-Ransomware-on-iPhone-or-iPad-Step-4-Version-3.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    Ransomware hold your data for ransom until you pay up. If you don’t pay up, data in your phone or tablet will become encrypted, making it inaccessible. Try searching for the message you see in a search engine like Google to find out if other people have had success freeing their data.
  5. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/2\/21\/Detect-Ransomware-on-iPhone-or-iPad-Step-5-Version-3.jpg\/v4-460px-Detect-Ransomware-on-iPhone-or-iPad-Step-5-Version-3.jpg","bigUrl":"\/images\/thumb\/2\/21\/Detect-Ransomware-on-iPhone-or-iPad-Step-5-Version-3.jpg\/aid9997106-v4-728px-Detect-Ransomware-on-iPhone-or-iPad-Step-5-Version-3.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    Even if you pay, there’s no guarantee the ransomware will be removed. In fact, it may just reactivate. Instead, find a way to remove the ransomware from your iPhone or iPad, and be prudent in trying to prevent it in the future.
    6. Advertisement
Part 2
Part 2 of 3:

Avoiding Ransomware

PDF download Download Article
  1. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/2\/26\/Detect-Ransomware-on-iPhone-or-iPad-Step-6-Version-3.jpg\/v4-460px-Detect-Ransomware-on-iPhone-or-iPad-Step-6-Version-3.jpg","bigUrl":"\/images\/thumb\/2\/26\/Detect-Ransomware-on-iPhone-or-iPad-Step-6-Version-3.jpg\/aid9997106-v4-728px-Detect-Ransomware-on-iPhone-or-iPad-Step-6-Version-3.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    This is especially important if you’ve jailbroken your iPhone or iPad. Apps from the App Store are reviewed and vetted, so they should be safe for the most part.
    • Occasionally some rogue app may appear on the App Store. Apple usually catches these pretty quickly. Just be sure to read app reviews and stick to apps you’ve heard of.
  2. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/e\/ef\/Detect-Ransomware-on-iPhone-or-iPad-Step-7-Version-3.jpg\/v4-460px-Detect-Ransomware-on-iPhone-or-iPad-Step-7-Version-3.jpg","bigUrl":"\/images\/thumb\/e\/ef\/Detect-Ransomware-on-iPhone-or-iPad-Step-7-Version-3.jpg\/aid9997106-v4-728px-Detect-Ransomware-on-iPhone-or-iPad-Step-7-Version-3.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    This way, if your phone or tablet does get infected, you can restore your data right away. See Back Up Your iPhone to get started.
  3. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/a\/a0\/Detect-Ransomware-on-iPhone-or-iPad-Step-8-Version-3.jpg\/v4-460px-Detect-Ransomware-on-iPhone-or-iPad-Step-8-Version-3.jpg","bigUrl":"\/images\/thumb\/a\/a0\/Detect-Ransomware-on-iPhone-or-iPad-Step-8-Version-3.jpg\/aid9997106-v4-728px-Detect-Ransomware-on-iPhone-or-iPad-Step-8-Version-3.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    Apple updates usually include fixes to security issues that could make your iPhone or iPad vulnerable to malware (including ransomware). See Update iOS to learn how to get the latest version of the system.
  4. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/6\/63\/Detect-Ransomware-on-iPhone-or-iPad-Step-9-Version-3.jpg\/v4-460px-Detect-Ransomware-on-iPhone-or-iPad-Step-9-Version-3.jpg","bigUrl":"\/images\/thumb\/6\/63\/Detect-Ransomware-on-iPhone-or-iPad-Step-9-Version-3.jpg\/aid9997106-v4-728px-Detect-Ransomware-on-iPhone-or-iPad-Step-9-Version-3.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    If you receive a request for this type of information, delete it immediately. Replying with info could open you up to phishing attacks.
    5. Advertisement
Part 3
Part 3 of 3:

Removing Ransomware

PDF download Download Article
  1. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/8\/88\/Detect-Ransomware-on-iPhone-or-iPad-Step-11-Version-3.jpg\/v4-460px-Detect-Ransomware-on-iPhone-or-iPad-Step-11-Version-3.jpg","bigUrl":"\/images\/thumb\/8\/88\/Detect-Ransomware-on-iPhone-or-iPad-Step-11-Version-3.jpg\/aid9997106-v4-728px-Detect-Ransomware-on-iPhone-or-iPad-Step-11-Version-3.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    Go to Settings > General > Profiles and Device Management, then tap on the management profile to remove. Tap on "Remove Profile" at the bottom of the screen, then enter your passcode.
    • Some profiles cannot be removed, in which case, you will have to reinstall iOS.
  2. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/c\/c2\/Detect-Ransomware-on-iPhone-or-iPad-Step-12-Version-3.jpg\/v4-460px-Detect-Ransomware-on-iPhone-or-iPad-Step-12-Version-3.jpg","bigUrl":"\/images\/thumb\/c\/c2\/Detect-Ransomware-on-iPhone-or-iPad-Step-12-Version-3.jpg\/aid9997106-v4-728px-Detect-Ransomware-on-iPhone-or-iPad-Step-12-Version-3.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    Unless if you are jailbroken or on an outdated version of iOS, the most ransomware can do is hide your apps or control settings on your device, not encrypt your data. You will be able to restore your device from backup after all is done.
  3. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/7\/79\/Detect-Ransomware-on-iPhone-or-iPad-Step-13-Version-3.jpg\/v4-460px-Detect-Ransomware-on-iPhone-or-iPad-Step-13-Version-3.jpg","bigUrl":"\/images\/thumb\/7\/79\/Detect-Ransomware-on-iPhone-or-iPad-Step-13-Version-3.jpg\/aid9997106-v4-728px-Detect-Ransomware-on-iPhone-or-iPad-Step-13-Version-3.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    You may have to hard reset it .
  4. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/7\/76\/Detect-Ransomware-on-iPhone-or-iPad-Step-14-Version-3.jpg\/v4-460px-Detect-Ransomware-on-iPhone-or-iPad-Step-14-Version-3.jpg","bigUrl":"\/images\/thumb\/7\/76\/Detect-Ransomware-on-iPhone-or-iPad-Step-14-Version-3.jpg\/aid9997106-v4-728px-Detect-Ransomware-on-iPhone-or-iPad-Step-14-Version-3.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    Make sure that it is powered down.
  5. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/8\/8d\/Detect-Ransomware-on-iPhone-or-iPad-Step-15-Version-3.jpg\/v4-460px-Detect-Ransomware-on-iPhone-or-iPad-Step-15-Version-3.jpg","bigUrl":"\/images\/thumb\/8\/8d\/Detect-Ransomware-on-iPhone-or-iPad-Step-15-Version-3.jpg\/aid9997106-v4-728px-Detect-Ransomware-on-iPhone-or-iPad-Step-15-Version-3.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    To do so, follow these instructions:
    • iPhone 6 and earlier/iPad before 2018: Hold the power button for five seconds. Hold the home and power buttons for ten seconds. Release the power button, continue holding the home button until the device is recognized by iTunes.
    • iPhone 7: Hold the power button for five seconds. Hold the volume down and power buttons for ten seconds. Release the power button, continue holding the volume down button until the device is recognized by iTunes.
    • iPhone 8/iPad 2018 and later: Press the volume up button, then the volume down button, then the power button for five seconds. Hold the volume down and power buttons for ten seconds. Release the power button, continue holding the volume down button until the device is recognized by iTunes.
  6. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/d\/d9\/Detect-Ransomware-on-iPhone-or-iPad-Step-16-Version-3.jpg\/v4-460px-Detect-Ransomware-on-iPhone-or-iPad-Step-16-Version-3.jpg","bigUrl":"\/images\/thumb\/d\/d9\/Detect-Ransomware-on-iPhone-or-iPad-Step-16-Version-3.jpg\/aid9997106-v4-728px-Detect-Ransomware-on-iPhone-or-iPad-Step-16-Version-3.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    This will reinstall iOS on your phone.
  7. {"smallUrl":"https:\/\/www.wikihow.com\/images\/thumb\/3\/33\/Detect-Ransomware-on-iPhone-or-iPad-Step-17-Version-3.jpg\/v4-460px-Detect-Ransomware-on-iPhone-or-iPad-Step-17-Version-3.jpg","bigUrl":"\/images\/thumb\/3\/33\/Detect-Ransomware-on-iPhone-or-iPad-Step-17-Version-3.jpg\/aid9997106-v4-728px-Detect-Ransomware-on-iPhone-or-iPad-Step-17-Version-3.jpg","smallWidth":460,"smallHeight":345,"bigWidth":728,"bigHeight":546,"licensing":"<div class=\"mw-parser-output\"><p>License: <a target=\"_blank\" rel=\"nofollow noreferrer noopener\" class=\"external text\" href=\"https:\/\/en.wikipedia.org\/wiki\/Fair_use\">Fair Use<\/a> (screenshot)<br>\n<\/p><\/div>"}
    Your data should be intact. Note, however, you will have to reinstall any apps that are not available on the App Store from their respective sources.
    8. Advertisement

Expert Q&A

Ask a Question
200 characters left
Include your email address to get a message when this question is answered.
Submit
      Advertisement

      Tips

      Submit a Tip
      All tip submissions are carefully reviewed before being published
      Submit
      Thanks for submitting a tip for review!

      Warnings

      • Never pay the ransom. There is no guarantee that doing so will actually remove the ransomware, and it is illegal in some countries. Also, it encourages hackers to continue making more ransomware. [1]
        Thanks
      • Always have a secure Apple ID password. Many hackers will attempt to lock your device with Find My Device to get you to pay up. If you do not have a secure Apple ID password, hackers can set a passcode on your iPhone, lock your Mac, or erase your device entirely, even if you have two-factor authentication enabled. If any of this happens, you will not be able to get your data back.
        Thanks
      Advertisement

      You Might Also Like

      How to
      Create a Virus
      2 Ways to Give Your Computer a Virus On Purpose
      How to
      Locate Viruses Using the Attrib Command
      How to
      Detect and Remove Keyloggers
      How to
      Tell if Your Computer Is Infected by a Trojan Horse
      Does a Factory Reset Remove Viruses? What You Need to Know
      How to Remove and Prevent Malware on a Computer
      How to Detect and Remove Malware From Your Computer
      How to
      Get Rid of Trojan Horses
      How to
      Remove a Worm Virus
      How to
      Know if You Have Spyware on Your Computer
      How to
      Scan Your Computer for Viruses
      Advertisement

      References

      1. https://www.ic3.gov/Media/Y2016/PSA160915

      About This Article

      Thanks to all authors for creating a page that has been read 36,265 times.

      Is this article up to date?

      Advertisement