iPhone 7/Plus Malware virus or......?

[Freida]

Hello guys,

I need little help please (if possible). My partner received a video on messenger which when clicking on diverted us to Apple Store to download app called "Ether VPN - Light and Secure" from Tekstil, OOO developer. Upon downloading and opening the app it showed a message that the iPhone is infected with a malware and that to remove it to click on the pop up window that said: Remove now.

Whilst in the app the iPhone was also beeping about every 15 secs or so.

Now, anyone can recommend if we got infected and something has to be done (we didn't tap on the remove button). When I saw it I closed the app and my partner deleted it.
For obvious reasons now, we are worried whether or not that App could have done any damage and/or if its still on the iPhone even though we deleted it.

Anyone has any suggestions on how to check/clean, please?
I would greatly appreciate any help, suggestions

 

[RRC]

Remove the app, remove the VPN profile and erase all contents and settings. Then restore from a backup that want from today’s date.

 

[Apple_Robert]

If you have recent backup, go to Settings > General > Erase all settings > and then restore from a recent back up. A bit overkill but, it will put your mind at ease and the problem is solved.

 

[Freida]

Well, the VPN profile didn't get installed as I guess thats probably what would the app do if we tapped on the "remove" button.

So, my thinking is that that part is safe. (Maybe the part of the scam was to install VPN profile and then direct all traffic through them unecrypted so they gain info??)

Are there any anti malware apps that can check your phone, please? (genuine ones)

As usual, my partner didn't back up for a year (despite my urges to do it once a month) so now we want to know if erase is truly necessary or there are other options, please.

Remove the app, remove the VPN profile and erase all contents and settings. Then restore from a backup that want from today’s date.

 

[beach bum]

My IT Dept recommends Malwarebytes for company Macs and iPhones, although I don’t know how good it is.

 

[Freida]

Thank you so much. The more I look into it the more I feel that restore is the only option.
I've checked the Malwarebytes but even the company themselves say that there is no way to scan a device fully just because how sandboxed everything is and also Apple doesn't allow anyone to do so.
So Malwarebytes acts as a preventive measure but if a phone is infected already there is nothing the app can do.

I was hopeful

Anyway, thank you so much. I'll keep digging.

My IT Dept recommends Malwarebytes for company Macs and iPhones, although I don’t know how good it is.

 

[akash.nu]

An app downloaded from the official AppStore having malware is very unlikely. How do you get a random email and keep following the thread to download an unknown app and then launch it is beyond me.

 

[clamacrumors]

This happen to me too and sent out the video on Facebook messenger which when clicking on diverted us to Apple Store to download app called "Ether VPN - Light and Secure" to all my Facebook content many hours later. I should have changed my Facebook password. After it happen, I posted that I was hacked and looked at my Facebook activity and noticed that someone, that wasn't me, had logged into my Facebook account to send out the video.

Please, Please let folks know to act fast and this is going around again in the new year.

 

[teeshot44]

This happen to me too and sent out the video on Facebook messenger which when clicking on diverted us to Apple Store to download app called "Ether VPN - Light and Secure" to all my Facebook content many hours later. I should have changed my Facebook password. After it happen, I posted that I was hacked and looked at my Facebook activity and noticed that someone, that wasn't me, had logged into my Facebook account to send out the video.

Please, Please let folks know to act fast and this is going around again in the new year.

The way you "act fast" is to not click on unknown/unexpected or suspicious email, attachments, links, messages and apps etc.