I have seen a few “infected” iOS devices in the past couple of weeks. Yes, for real. After so many years of being nearly bulletproof to normal malware, the iPhones I’ve worked on were compromised by configuration profiles. To remove the proxy or other malicious settings, the profile has to be deleted.
This Apple KB article details how to remove an app that has installed a profile on your iOS device. Since macOS now uses configuration profiles to ease large deployments, so it’s likely this will become a common threat vector on Apple’s desktop and notebook computers.
- Go to Settings > General > Device Management, Profile Management, or Profile & Device Management, then tap on the app’s configuration profile.
- Tap Delete Profile. If asked, enter your device passcode, then tap Delete.