WhatsApp Rolls Out Lockdown-Style Security Mode to Protect Targeted Users From Spyware

AndyC 28 January 2026

Ravie LakshmananJan 27, 2026Mobile Security / Spyware

Meta on Tuesday announced it’s adding Strict Account Settings on WhatsApp to secure certain users against advanced cyber attacks because of who they are and what they do.

WhatsApp Rolls Out Lockdown-Style Security Mode to Protect Targeted Users From Spyware

WhatsApp Rolls Out Lockdown-Style Security Mode to Protect Targeted Users From Spyware

Ravie LakshmananJan 27, 2026Mobile Security / Spyware

WhatsApp Rolls Out Lockdown-Style Security Mode to Protect Targeted Users From Spyware

Meta on Tuesday announced it’s adding Strict Account Settings on WhatsApp to secure certain users against advanced cyber attacks because of who they are and what they do.

The feature, similar to Lockdown Mode in Apple iOS and Advanced Protection in Android, aims to protect individuals, such as journalists or public-facing figures, from sophisticated spyware by trading some functionality for enhanced security.

Once this security mode is enabled, some of the account settings will be locked to the most restrictive options, while simultaneously blocking attachments and media from people not in a user’s contacts.

“This lockdown-style feature bolsters your security on WhatsApp even further with just a few taps by locking your account to the most restrictive settings like automatically blocking attachments and media from unknown senders, silencing calls from people you don’t know, and restricting other settings that may limit how the app works,” Meta said.

Cybersecurity

The feature can be enabled by navigating to Settings > Privacy > Advanced. Meta said the feature is rolling out gradually over the coming weeks.

In tandem, the social media giant said it’s adopting the use of the Rust programming language in its media sharing functionality to help keep users’ photos, videos, and messages safe from spyware attacks. It described the development as the “largest rollout globally of any library written in Rust.”

The company also said the use of Rust made it possible to develop a secure, high-performance, cross-platform library (“wamedia”) for media sharing in WhatsApp across devices, adding it’s investing in a three-pronged approach to combat memory safety issues –

  • Design the product to minimize unnecessary attack surface exposure
  • Invest in security assurance for the remaining C and C++ code
  • By default, the choice of memory-safe languages for new code

“WhatsApp has added protections like CFI, hardened memory allocators, safer buffer handling APIs, and more,” the company said. “This is an important step forward in adding additional security behind the scenes for users and part of our ongoing defense-in-depth approach.”

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , ,

More Stories

Experts Detect Pakistan-Linked Cyber Campaigns Aimed at Indian Government Entities

Experts Detect Pakistan-Linked Cyber Campaigns Aimed at Indian Government Entities

AndyC 28 January 2026
ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services

ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services

AndyC 28 January 2026
CTEM in Practice: Prioritization, Validation, and Outcomes That Matter

CTEM in Practice: Prioritization, Validation, and Outcomes That Matter

AndyC 28 January 2026
Microsoft Office Zero-Day (CVE-2026-21509) - Emergency Patch Issued for Active Exploitation

Microsoft Office Zero-Day (CVE-2026-21509) – Emergency Patch Issued for Active Exploitation

AndyC 28 January 2026
Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas

Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas

AndyC 28 January 2026
China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

AndyC 28 January 2026

You may have missed

Celebrating Data Privacy Week with NIST’s Privacy Engineering Program

Celebrating Data Privacy Week with NIST’s Privacy Engineering Program

AndyC 28 January 2026
Shadowserver finds 6,000+ likely vulnerable SmarterMail servers exposed online

Shadowserver finds 6,000+ likely vulnerable SmarterMail servers exposed online

AndyC 28 January 2026
U.S. CISA adds Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog

AndyC 28 January 2026
LayerX Discovers Malicious Chrome Extensions Stealing ChatGPT Accounts

The AI Fix #85: ChatGPT gets ads, pets get AI therapists, and everyone’s wrong about LLMs

AndyC 28 January 2026
APT Attacks Target Indian Government Using SHEETCREEP, FIREPOWER, and MAILCREEP | Part 2

Keyfactor Allies with IBM Consulting to Spur PQC Adoption

AndyC 28 January 2026

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.