In a recent update to it’s iOS operating system, Apple discovered that there were over 50 apps in the App Store which were maliciously spying on users. Iphone applications, including the very popular video sharing app, TikTok, were found to be accessing the contents of the user’s phone clipboard. Anything that the iPhone user has copied goes directly to the clipboard, including things like passwords, order numbers, banking information, private pictures, and anything else which has been copied. All of this information was then made accessible to the companies taking advantage of this feature, and the impacted users were none the wiser — a situation which was rightly frustrating many iPhone users.
A representative from TikTok claimed that the feature of accessing users’ clipboards was implemented for their particular purpose of “identifying repetitive and spammy behavior”. This activity was discovered back in March 2020 by Apple, who then informed TikTok that they need to stop doing this in order to be compliant with proper operating procedures. The video sharing app claimed to stop this activity at that time after receiving the warning from Apple, however, research into different apps’ features showed that TikTok had not yet stopped that spying along with other applications.
Be cautious using the ‘copy’ feature on your phone — Though it may be easier to simply copy information such as passwords or addresses which might be hard to remember, try to avoid using your copy feature impetuously. When it comes to highly sensitive information especially, it would be better to take your time referring back to an app a couple times and typing the data out rather than copying it to ensure it never reaches the clipboard on your phone. Unfortunately, it is not yet known what those companies used accessed information from corrupted clipboards for, but it is better to be safe than sorry in these situations.
Update your phone to the newest operating system — As with new app updates, be sure to implement new updates to your phone’s operating system when prompted as this will help to protect your data from newly discovered threats. The new Apple update — iOS 14 — will now notify a user via banner alerts at the top of their phone when an app is trying to access their clipboard data.
Update passwords often — Not only should you update your apps and phone operating systems, but your passwords should be updated often. Be sure to not use repeat passwords and avoid writing passwords down anywhere. Continually changing your passwords on a regular basis as well as using multi-factor authentication help to add another layer of protection between yourself and cyber threats.
Delete suspicious apps off of your phone — For those who are skeptical of the iOS update which claims it will update the user of any apps trying to continue this, simply delete the application off of your phone. Since this flaw was found, Amazon has asked all of its employees to delete TikTok off of their phones over the severe security concerns. Many apps available on your phone are also available in slightly more secure versions on your web browsers. When in doubt, delete suspicious apps off of your phone and access their websites from your laptop or computer.
For a comprehensive list of apps which were discovered to be using this suspicious feature of surreptitiously accessing user clipboards, please click here.