Apple Says No iPhone in Lockdown Mode Has Ever Been Hacked
Source: MacRumors
Overview
Apple says it has no record of a successful spyware attack against any device running Lockdown Mode, the opt‑in security feature introduced in 2022.
“We are not aware of any successful mercenary spyware attacks against a Lockdown Mode‑enabled Apple device,” an Apple spokesperson told TechCrunch.
What is Lockdown Mode?
Lockdown Mode is available on iPhone, iPad, and Mac. When enabled, it:
- Blocks most message attachment types.
- Disables certain complex web technologies.
- Prevents devices from automatically joining non‑secure Wi‑Fi networks.
- Restricts other system features commonly exploited by mercenary spyware.
Apple designed the feature to protect high‑risk users such as journalists, activists, lawyers, and others who may be targeted by sophisticated nation‑state‑level attacks.
Statements from Security Researchers
- Donncha Ó Cearbhaill, head of the security lab at Amnesty International, said his team “has not seen any evidence of an iPhone being successfully compromised by mercenary spyware where Lockdown Mode was enabled at the time of the attack.”
- Digital‑rights groups—including Amnesty International and the University of Toronto’s Citizen Lab—have documented numerous successful spyware attacks on iPhone users over the years, but none involved a bypass of Lockdown Mode.
Documented Cases of Lockdown Mode Blocking Spyware
Citizen Lab researchers confirmed at least two instances where Lockdown Mode actively blocked spyware:
- NSO Group’s Pegasus – the spyware aborted its infection attempt when it detected Lockdown Mode.
- Predator spyware (from a company now part of Intellexa) – similarly halted when Lockdown Mode was active.
Google researchers observed the same behavior, noting that the malware was coded to abort to avoid leaving traces that could expose the attack.
Commentary
TechCrunch summed up the situation: “I think it’s safe to say, Lockdown Mode is one of the most aggressive consumer‑facing hardening features ever shipped.”
This article first appeared on MacRumors.com.