Siri Shortcuts is Being Used to Deliver Malware and Scareware to the Non-Tech-Savvy

Last updated September 20, 2021
Written by:
Bill Toulas
Bill Toulas
Infosec Writer
source: imore.com

Having landed in iOS 12, Siri Shortcuts introduced a shortened path through which Apply users access their virtual assistant for specific actions. Developers of 3rd party apps were quick to incorporate lists of available Siri Shortcuts on their software, allowing users to use new ways to interact with their apps and leverage their features. As the shortcuts that people can download have now reached a galore, some shady ones have also popped up, pushing scareware to random people in the hope of reaching out to non-tech-savvy users who will get fouled and pay the requested ransoms.

For Siri Shortcuts to be useful, a certain level of functionality is allowed to them, and those who have malicious purposes are taking advantage of this somewhat relaxed policy in combination with the lack of cyber-security knowledge that governs the minds of many out there, to deliver empty threats. From screen locking to flashlight lighting up, and from warning notifications to uploading content online, a lot of what is within the Siri Shortcuts functionality spectrum is being fully exploited by those who want to deliver menacing messages. The following video from IBM Security shows how simply it’s done.

https://www.youtube.com/watch?time_continue=33&v=PlgPSwwZc80

Unfortunately, however, this is not the end of the story, as Siri Shortcut scripts can also serve as a spying worm, uploading user data to a remote server, or even download additional payloads such as a powerful or more sophisticated malware. As the IBM Security team warns, Siri Shortcuts should be treated in the same way that regular iOS apps and browser extension are, from a cyber-security perspective. Apple should be rigorously testing and reviewing the user-made shortcuts, as they do with their App Store apps.

The users who want to take advantage of all that Siri Shortcuts have to offer are advised to only install them from trusted sources, and carefully review the requested permissions before hitting that “install” button. Later, newly installed Siri Shortcuts should be monitored so as their network traffic and battery consumption are not beyond the expected frame. Above all, if you’re greeted with a warning message that asks for the payment of a ransom, do not lose your composure, do not pay anything to anyone, and start digging (or uninstalling) to find out which shortcut is the culprit.

Are you enjoying Siri Shortcuts so far? Let us know how it goes in the comments below, and don’t hesitate to share this story by visiting our socials, on Facebook and Twitter.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: