In early 2025, WhatsApp notified approximately 90 users, including journalists and civil society members across Europe, that they were targeted by Israeli spyware company Paragon Solutions. Months later, Apple sent threat notifications to a group of iOS users; forensic analysis confirmed two of them, both journalists, were compromised by Paragon's Graphite spyware using a zero-click attack.
These incidents are examples of a trend where government hackers target journalists, human rights defenders, critics, and political opponents. Attacks rely on sophisticated tools that install spyware on smartphones, granting operators access to calls, messages, photos, camera, microphone, and location data.
In response, tech companies have introduced optional security features aimed at countering targeted spyware attacks. These features include Apple's Lockdown Mode, Google's Advanced Protection Program, Android's Advanced Protection Mode, and WhatsApp's Strict Account Settings. The features trade off some convenience for increased security.
Apple's Lockdown Mode
Lockdown Mode is available on Apple devices. When enabled, it blocks certain iMessage attachments, links, and previews; limits FaceTime calls; restricts web technologies; disables some services; strips photo location data; requires unlocking for accessory connections; blocks automatic Wi-Fi connections; disables 2G/3G; and prevents configuration profile installation. It can be enabled in Settings > Privacy & Security.
Google's Advanced Protection Program
This program for Google accounts restricts third-party app access, enables deep Gmail scans, uses Safe Browsing, limits app installation on Android to official stores, and requires extra verification for account login. It can be enabled via the official page and requires a physical security key or passkey, plus recovery contact information.
Android's Advanced Protection Mode
Introduced in 2024, this mode enables Google Play Protect, blocks unknown app sources, enables Memory Tagging Extension on supported devices, locks the device on suspicious activity or prolonged offline periods, auto-restarts after 72 hours locked, blocks USB when locked, scans for unwanted messages, flags links from unknown users, blocks 2G networks, identifies spam callers, enables Safe Browsing, enforces HTTPS, and disables some JavaScript functions. It can be enabled in Settings > Security and Privacy > Advanced Protection.
WhatsApp's Strict Account Settings
This feature activates two-step verification, security notifications, blocks attachments from unknown senders, turns off link previews, silences unknown callers, hides IP address in calls, restricts profile visibility, and controls group add settings. It can be enabled in Settings > Privacy > Advanced.
Security researchers recommend these features for individuals at risk of government surveillance, noting they are free, easy to enable, and effective. No security measure is perfect, but these features provide significant protection.