Phone and App Features That Help Block Spyware
▼ Summary
– Spyware attacks targeting journalists and dissidents are now common, with recent cases involving Paragon Solutions’ Graphite spyware using zero-click exploits on WhatsApp and Apple users.
– Spyware grants operators full access to a device, enabling them to record calls, steal messages, access photos, and track real-time location.
– Tech giants like Apple, Google, and Meta offer free opt-in security features to counter targeted spyware attacks, which trade some device functionality for enhanced protection.
– Apple’s Lockdown Mode blocks certain iMessage attachments, FaceTime calls, and web technologies, and has never been successfully attacked when enabled, according to Apple.
– Google’s Advanced Protection Program and Android’s Advanced Protection Mode restrict app access, block 2G networks, and add extra verification steps to defend against spyware and hacking.
Spyware attacks are no longer an abstract threat for journalists, human rights defenders, and political dissidents. In early 2025, WhatsApp notified roughly 90 users, many of them journalists and civil society members across Europe, that they had been targeted by Israeli spyware firm Paragon Solutions. Months later, Apple sent threat notifications to a new group of iOS users; forensic analysis confirmed two of them, both journalists, had been hit with Paragon’s Graphite spyware using a zero-click attack, meaning they didn’t even have to tap a link to be compromised. These aren’t isolated incidents. They’re the norm.
Over the past 15 years, security researchers have documented countless cases where government hackers have targeted and successfully compromised journalists, human rights defenders, critics, and political opponents. These attacks rely on expensive, sophisticated, and stealthy tools that allow their operators to hack into and install spyware on computers, but especially smartphones, which hold virtually all the data about a person’s daily life.
Spyware gives its operators virtually full access to the target’s device and data. Government spies can record phone calls, steal chat messages, access photos, and switch on the device’s camera and microphone to record ambient sound and nearby conversations. Spyware also typically tracks a person’s real-time location.
In response to these attacks, tech giants now provide their users with better defenses. In particular, Apple, Google, and Meta offer opt-in features specifically designed to counter targeted spyware attacks. Generally speaking, these features add extra protection, sometimes by turning off or limiting some regular features. It’s a tradeoff, but having used these myself for a long time, I have never found them to be too onerous or annoying to use.
Tech companies, security researchers who have studied spyware for years, and we at TechCrunch recommend that you use these features if you suspect you may be a target of government surveillance because of who you are or what you do. Even if you’re not, these security features will keep your data better protected from entering the wrong hands. No security measure is perfect, and it’s a constant effort to keep security flaws at bay. Spyware makers find new ways to hack into phones and services, then software makers learn from those attacks and respond. Rinse and repeat. But that doesn’t mean these features are not worth using. On the contrary, these features have been proven effective.
“These features are free, easy to enable, and the best defense we have today against sophisticated spyware,” said Runa Sandvik, a security researcher who has worked to protect journalists and other at-risk communities for more than a decade. “If the features get in the way of something you need to do, you can easily turn them off again, meaning it costs very little to turn them on and try them out.”
Here’s a recap of these features and how to switch them on.
Apple’s Lockdown Mode
Apple’s Lockdown Mode is available on all Apple devices, including iPhones. Apple says that when Lockdown Mode is enabled, “your device won’t function like it typically does.” In exchange for this inconvenience, your device will be more secure. There is evidence that Lockdown Mode has helped in the past. Citizen Lab found that Lockdown Mode stopped one spyware attack carried out with NSO Group’s Pegasus software. As recently as March, Apple said it has never detected a successful attack on an Apple device with Lockdown Mode enabled.
Here is what Lockdown Mode changes on your device when you turn it on:
- Attachments received on iMessage other than some images, video, and audio are blocked by default.To switch on Lockdown Mode, go to Settings, then Privacy & Security, and scroll down to Lockdown Mode. Once you enable the feature, your Apple device will restart. I have used Lockdown Mode for years. While I noticed some websites being a bit wonky at the beginning, I haven’t noticed that in a while. Also, you can selectively switch off Lockdown Mode for specific websites and apps without disabling the feature entirely. There are some quirks, but I have gotten used to them, too.
Google’s Advanced Protection Program
Google launched its Advanced Protection Program in 2017. This feature is designed to make your Google account more resilient against malicious hackers of all kinds. Advanced Protection Program includes the following features:
- Restricts some third-party services and apps from accessing your Google account, and only with your permission.To turn on Advanced Protection, go to its official page and click “Get Started.” This will prompt you to log into your Google account. Follow the instructions there. First, you will need to add a physical security key (or a software passkey) as an additional verification factor apart from your passwords. You will also need to add a recovery phone and a recovery email to your account, or use a backup passkey or security key.
Android’s Advanced Protection Mode
Introduced last year and likely inspired by Apple’s Lockdown Mode, Android’s Advanced Protection Mode brings similar defenses to Google’s mobile operating system. Android’s Advanced Protection Mode provides the following security features:
- Enables Google Play Protect, which guards against malware and unwanted apps and checks all apps for “harmful behavior.”To enable Advanced Protection Mode on your Android device, go to Settings, then Security and Privacy, and under Other Settings, tap Advanced Protection, then tap Device Protection.
WhatsApp’s Strict Account Settings
WhatsApp is used by more than 3 billion people, including those in the crosshairs of resourceful government agencies. The demand for hacking tools that target WhatsApp is so high that exploits can cost millions of dollars, and they work. In 2019, WhatsApp caught a hacking campaign by NSO Group that targeted around 1,200 users. Early last year, WhatsApp caught another spy operation that ensnared around 90 users in Europe.
In response, earlier this year, WhatsApp launched Strict Account Settings, an opt-in feature that switches on some privacy and security controls depending on the operating system. On Android and iOS, Strict Account Settings turns on the following features:
- Two-step verification.To switch the feature on, use your primary device and go to Settings, then Privacy, then scroll down to Advanced and turn it on.
