How to Protect Your iPhone or Android Device From SpywareNEWS | 07 January 2026In December, hundreds of iPhone and Android users received a threat notification, warning them their device had been targeted by spyware. Days later, Apple and Google patched security holes that experts think were used to plant the stealthy malware on a select group of devices.
Spyware is so dangerous because the adversary is able to see and hear everything you do on your smartphone, including via encrypted messaging apps such as WhatsApp and Signal. But it tends to be extremely targeted against dissidents, journalists, politicians, and business leaders operating in certain sectors.
The malware has hit a number of high-profile people, including former Amazon CEO Jeff Bezos and Hanan Elatr, wife of murdered Saudi dissident Jamal Khashoggi—who were both compromised by NSO Group’s Pegasus spyware.
Today, spyware remains just as prolific in these circles, but experts think its impact could be widening. In early December, as Google issued its threat notification, the tech firm’s researchers detailed how an exploit chain was used to install Predator spyware surreptitiously onto a device.
It came after an alert issued by the US Cybersecurity and Infrastructure Security Agency (CISA), warning users that adversaries are “actively leveraging” commercial spyware to target mobile messaging applications.
As the risk increases, what can you do to protect your Android device or Apple iPhone?
Zero-Click Attacks
Spyware often hits smartphones in so-called zero-click attacks, meaning your phone can become infected without clicking a link, downloading a malicious image, or any other kind of user interaction.
The attack cannot be mitigated via the usual routes. If the malware has infected your smartphone, adversaries can “read messages, observe keystrokes, take screenshots, monitor notifications, and access banking apps,” according to Pieter Arntz, a senior malware researcher at security firm Malwarebytes.
With full system access, spyware can “exfiltrate data such as emails and texts, send messages, steal credentials, and log in to cloud systems,” says Rocky Cole, cofounder of iVerify, an app that helps users to detect spyware.
Aside from zero-click attacks, spyware can infect a device when someone clicks on a compromised link sent over text, email, or social media. Meanwhile, the malware can hide in malicious apps that appear to be legit. It can also be concealed in an image file and downloaded via a message, or get onto your smartphone due to vulnerabilities in your browser.
Infection usually starts through malicious links and fake apps, but it is also taking place via “more subtle methods,” says Richard LaTulip, a field CISO at security company Recorded Future, which collaborated with Google’s threat intelligence team on the Predator spyware findings.
LaTulip cites the example of recent research on malicious browser extensions affecting millions of users that shows “how seemingly harmless tools can become surveillance devices.”
These techniques, often developed by nation-state adversaries linked to governments, indicate a trend toward “more covert, persistent, and device-level compromises,” he says.
A Bigger Problem
Over the past few years, spyware has become a growing issue. Governments and the companies that make the malware say the surveillance tools are used to target only criminals and terrorists, or for national security purposes.
“But the truth is that human rights activists, journalists, and many others across the world have been unlawfully targeted with spyware,” Rebecca White, Amnesty International’s researcher on targeted surveillance, tells WIRED. “In this way, spyware can be used as a tool of repression—to silence people speaking truth to power.”Author: Kate O'Flaherty. Source
