Unauthorized MDM and potential DEP abuse on Apple devices
I’m experiencing what’s best described as unauthorized MDM (Mobile Device Management), and DEP may be involved as well, on my iOS device, and it spans my entire Apple ecosystem. These profiles are not visible within the OS by design, yet they are clearly using Apple’s own iOS frameworks and system-level functions to control the device.
Because the operating system treats these instructions as “normal,” antivirus and security tools will not detect this. In practice, the phone behaves exactly as if it’s functioning properly, while in reality all web traffic is silently routed through attacker-controlled servers. This creates an ongoing vector for additional payloads and compromises.
What makes this especially concerning is that Apple Support does not seem equipped to handle this type of abuse, and the invisibility of the profiles means end users have no way to verify whether their device is enrolled in unauthorized management. If a user suspects their microphones or cameras are active without consent, this could very well be occurring silently at the OS level.
The only current defensive step I can recommend to other users is running a network packet capture to see whether their device traffic is being diverted or proxied in ways they didn’t authorize.
Finally, I’d like to raise a red flag: nearly every discussion thread about this topic in Apple’s forums has been locked or closed without resolution. That lack of transparency does not add up and leaves those of us experiencing this abuse without answers or recourse.
[Re-Titled by Moderator]
Original Title: Unauthorized MDM
iPhone 15 Pro, iOS 18