Why don't researchers care about iOS malware?



  • I see Android malware being mentioned when reading peer reviewed papers about malware detection for smartphones, but iOS is never mentioned.

    Even Malwarebytes says:

    Historically, iOS has never been completely free of malware, but it has mostly been limited to one of two scenarios: Either you jailbroke your device, hacking it to remove the security restrictions and installing something malicious as a result, or you were the target of a nation-state adversary.

    Why does (almost) no one seem to care about malware for iOS? I assume it's because malware for iOS is not a problem, but why? Are iPhones more secure than Android by default? If so, how?

    A comment mentioned that the reason no one cares about this is because of market share. According to Fortune there are 700 million iPhones in circulation as of 2017. That's not an insignificant amount of people!

    I found a research paper from 2020 about malware detection on iOS and they clearly state in the second paragraph of their introduction:

    Yet currently, not much existing research related with detection for iOS malwares such as by [8-12]. Hence, this research will tackle this gap by developing a new iOS mobile malware detection model.

    And their Abstract (emphasis mine):

    There are raising cases of mobile malwares exploiting iOS users across the world such as FinSpy and Exodus that were able to steal credential information from the victims and affect loss of victims' productivity. Yet, not many solutions were able to encounter iOS malware attacks. Hence, this paper presents a new iOS mobile malware classification based on mobile behaviour, vulnerability exploitation inspired by phylogenetic concept. The experiment was conducted by using hybrid analysis. Proof of concept (POC) was conducted and based on the POC it indicated that this proposed classification is significant to detect the malware attacks. In future, this proposed classification will be the input for iOS mobile malware detection.



  • I see Android malware being mentioned when reading peer reviewed papers about malware detection for smartphones, but iOS is never mentioned.

    The problem here is that you are reading papers about malware detection, which is next to impossible on non-jailbroken iPhones. All apps installed on iPhones are tightly sandboxed, so even if you install any security app on your iPhone, it can't scan any files that aren't its own (which, obviously, is pretty useless for finding the malware). So instead, the research is mostly focused on infection vectors (of which there are plenty).


    Android isn't less secure. It's just that it grants you more freedom. For example, you can sideload apps which haven't gone through the Play Store vetting process. So it's easier for the bad guys to target Androids. Just write a malicious app and then find someone stupid enough to click through the warnings and sideload it onto their device. Androids also have a larger user base, so it's easier to find someone who can be tricked into installing your app.

    On top of that, there are plenty of outdated Android devices which are no longer supported by their vendors but are still in use. These devices don't receive security updates, so they have known vulnerabilities and are therefore easy to infect.

    When you combine this with the fact that it's easier to scan Android devices for malware, it's obvious why more research has gone into Android malware detection and analysis.


