Cybercriminals enter malware into an iPhone via a keyboard application, thereby collecting a variety of information including passwords and a user's history of online activity. The differences between the iPhone's default keyboard app and the malware keyboard app are almost visually identical. Cybersecurity firm Serto Software says this makes it safe for users to use. 

Apple checks the security of new apps before adding them to the App Store. Additionally, the “Testflight” option gives developers the opportunity to test the functionality of the app on up to 10,000 people.

After reviewing user feedback, the app will be added to the App Store. Cybercriminals are taking advantage of Apple's "Testflight" option to steal information by injecting malware called "stalkware" into iPhones through the keyboard app. 

According to Certo Software, Stalkerware malware enters iPhones by downloading a keyboard app for testing. This results in the malware sending its information to cybercriminals every time the user types on the iPhone keyboard.

In this way, cybercriminals commit various crimes by remotely collecting all the messages, account passwords, OTP codes, bank account information, and online activity history written by a specific iPhone user.

To avoid such cyberattacks, security analysts are urging people to quickly delete an unknown company's keyboard app on their iPhones. Additionally, it is recommended to take precautions before downloading and testing applications.