How to protect your iPhone or Android device from spyware

Infections typically start through malicious links and fake apps, but they also happen via “more subtle routes,” says Richard LaTulippe, chief field information security officer at security firm Recorded Future, which collaborated with Google’s threat intelligence team on the Predator spyware findings.

LaTulip cites the example of recent research on malicious browser extensions affecting millions of users that shows “how seemingly harmless tools can become surveillance devices.”

These technologies, often developed by nation-state adversaries linked to governments, indicate a trend toward “more covert and persistent compromises at the hardware level,” he says.

Bigger problem

Over the past few years, spyware has become a growing problem. Governments and companies that make the malware say the surveillance tools are used only to target criminals and terrorists, or for national security purposes.

“But the reality is that human rights activists, journalists and many others around the world have been illegally targeted with spyware,” Rebecca White, an Amnesty International researcher on targeted surveillance, told WIRED. “In this way, spyware can be used as a tool of oppression – to silence people who speak truth to power.”

Thai activist Niravorn Unkhao is a prime example of this. Between 2020 and 2021, at the height of pro-democracy protests in Thailand, Onnkhaow was targeted 14 times by Pegasus spyware. Shortly after, she decided to end her role in the protest movement amid fears that her private data could be used as a weapon against her.

“Data can be weaponised and lead to further abuse, both online and off – especially for people who already face discrimination based on their identity; for example, on the basis of gender or race,” says White.

Beyond activists, mobile spyware appears to target a broader subset of people, often within the business environment. iVerify’s Cole says the malware is hitting a “broad spectrum of society,” from government officials to financial IT workers. “It is increasingly being used outside of intelligence gathering, to steal credentials to gain access to organizations.”

Signs you’ve been beaten

Spyware is difficult to detect, especially sophisticated strains such as Pegasus and Predator, which are typically only detected through forensic analysis. But you may notice some subtle signs, like your device overheating or slowing down, or activating your camera or microphone when they’re not supposed to be in use.

While advanced spyware may leave no visible trace, sudden drops in performance or changes in connectivity can serve as early warning signs, LaTulippe says.