WhatsApp Introduces Strict Account Settings for Lockdown-Style Spyware Defense
WhatsApp announced a new optional security mode, “Strict Account Settings,” designed to reduce exposure to highly sophisticated attacks—particularly mercenary spyware—by limiting risky functionality when enabled. The feature is expected to roll out in the coming weeks and includes restrictions such as blocking attachments and media from people not in a user’s contact list; it can be enabled via Settings > Privacy > Advanced. WhatsApp positioned the change as an additional layer beyond default end-to-end encryption, aimed at higher-risk users such as journalists and public-facing figures, and noted its ongoing legal fight with NSO Group over the 2019 Pegasus campaign that targeted roughly 1,400 WhatsApp users.
The approach mirrors Apple’s Lockdown Mode, which similarly reduces attack surface for a small subset of users who may be personally targeted by advanced threats by disabling or constraining features across core services. Apple documents that Lockdown Mode blocks most message attachment types, limits complex web technologies, restricts incoming FaceTime calls to recent contacts, blocks certain Apple service invitations, and removes some photo-sharing metadata—trading usability for stronger protection against targeted exploitation. Together, the updates reflect a broader industry pattern of offering opt-in, high-friction hardening modes to mitigate spyware and other highly targeted intrusion techniques.
Related Entities
Threat Actors
Malware
Organizations
Affected Products
Sources
5 more from sources like cyber security news, register security, security affairs, the record media and cyberscoop
Related Stories
Debate Over Mobile OS Lockdown Measures to Reduce Malware and Targeted Attacks
Discussion focused on whether stronger *platform-level restrictions* are necessary to curb mobile threats, contrasting Android’s openness with iOS’s “lockdown” approach. One thread highlights Google’s plan to require centralized **developer registration/verification** for apps installed on Android-certified devices (even if distributed outside Google Play), framed as a way to reduce malware and prevent repeat offenders from re-signing and redistributing blocked apps; it also notes Android’s recent mitigations such as **Restricted Settings** (Android 14) and **Enhanced Confirmation Mode** (Android 15) as partial technical barriers against common scam/phishing tactics. Separately, iOS **Lockdown Mode** is presented as an extreme, reversible hardening option intended for high-risk users (e.g., journalists, activists) that reduces attack surface by disabling or restricting features (e.g., most message attachments/link previews, certain web technologies, incoming FaceTime from unknowns, accessory connections while locked, non-secure Wi‑Fi, and installation of device management profiles). The article cites reporting that a seized journalist phone could not be accessed using law-enforcement forensic tooling when Lockdown Mode was enabled, underscoring how aggressive feature reduction can materially impede both targeted exploitation and post-seizure forensic access.
1 months ago
Mobile Messaging Account Compromises and Spyware Threats
Security researchers and intelligence analysts have documented a series of incidents and trends highlighting the risks to mobile messaging accounts and devices. In December, a new form of WhatsApp account hijacking called GhostPairing was identified, where attackers trick users into linking an attacker-controlled browser to their WhatsApp device, potentially exposing sensitive information. Separately, researchers uncovered large-scale scraping of WhatsApp's contact discovery tool, resulting in the exposure of billions of phone numbers and associated profile data. Meanwhile, spyware threats targeting both iPhone and Android users have escalated, with zero-click attacks enabling adversaries to compromise devices and access encrypted messaging apps such as WhatsApp and Signal. Apple and Google responded by patching vulnerabilities believed to be exploited by commercial spyware like Predator, and the US CISA issued warnings about the active targeting of mobile messaging applications. In another high-profile case, the Iranian-linked Handala hacking group claimed to have fully compromised the mobile devices of two Israeli officials. However, forensic analysis revealed that only their Telegram accounts were breached, not the entire devices. The attackers likely used techniques such as SIM swapping, SS7 exploitation, and phishing to gain access, exposing gaps in session management and account security on encrypted messaging platforms. These incidents underscore the growing sophistication of attacks against mobile messaging services and the need for robust security measures, including privacy controls, passkey-encrypted backups, and vigilance against phishing and SIM-based attacks.
2 months agoWhatsApp Introduces Passkey-Encrypted Chat Backups
WhatsApp has announced the rollout of passkey-encrypted chat backups for both iOS and Android devices, allowing users to secure their stored message history using biometric authentication methods such as fingerprint, face recognition, or device screen-lock codes. This new feature leverages passwordless authentication standards like FIDO2/WebAuthn, replacing traditional backup passwords with cryptographic keys stored securely on the user's device. The update aims to simplify the backup security model and reduce risks associated with weak or forgotten passwords, as the device's biometric or lock code now serves as the primary gatekeeper for backup access. The introduction of passkey-encrypted backups reflects a broader industry shift toward passwordless authentication, with passkeys gaining traction among users seeking enhanced security and convenience. WhatsApp users can enable this feature by navigating to Settings > Chats > Chat backup > End-to-end encrypted backup, and the rollout is expected to reach all users over the coming months. This move builds on WhatsApp's previous implementation of end-to-end encrypted chat backups and further strengthens the privacy and security of user data stored on cloud services like iCloud and Google Drive.
4 months ago