Apple has issued a high-priority security advisory for iPhone owners around the world, recommending that they immediately reset their devices. The move aims to combat a wave of sophisticated mercenary spyware attacks that exploit critical vulnerabilities in older versions of the operating system. The company reinforces that the action is an essential layer of defense, especially for users who have not yet installed the latest update.
These digital threats, known as “zero-click”, are particularly dangerous because they do not require any user interaction to infect the device. A simple receipt of a message can be enough to compromise the system. Agências global cybersecurity experts endorse the guidance from Apple, highlighting the importance of taking regular preventive measures to mitigate the risks associated with these high-cost, targeted attacks.
The recommendation to restart your device has gained traction among experts as a fundamental digital hygiene practice. The procedure is capable of stopping the execution of malicious software that operates only in the device’s volatile memory, breaking the attack chain before greater damage can occur. Para definitive protection, updating to the latest version of the system, iOS 26, is essential.
What are mercenary spyware attacks
Mercenary spyware is an advanced category of surveillance software, developed by private companies and marketed to governments and state agencies. The target of these attacks is not the average user, but rather specific high-value targets such as journalists, human rights activists, political dissidents and executives of large corporations. The cost to deploy a single infection can reach millions of dollars, reflecting the complexity and effectiveness of these tools.
Unlike conventional malware, which generally spreads en masse, mercenary spyware is surgical. Infection can occur invisibly, exploiting vulnerabilities in popular applications such as iMessage or the web page rendering engine, WebKit. Apple confirmed that active exploits target flaws already fixed in the latest updates, making outdated devices easy targets.
Why Hard Reset Protects Your Device
Completely restarting your iPhone is an effective defense tactic because it forces the device’s RAM to be wiped clean, where many temporary malware components reside. When turning the device off and on, all active processes are terminated, and malicious codes that do not have the ability to be reinstalled in permanent storage are eliminated. Agências as well as Agência of Segurança Nacional (NSA) of Estados Unidos and ANSSI, its French counterpart, recommend this practice weekly as a proactive security measure. Embora reboot does not remove persistent infections, which are designed to survive this process, it significantly increases the cost and complexity for attackers to maintain access to the device. Constantly interrupting spyware’s connection to its command and control servers can frustrate data collection and alert to the presence of a threat, making the spying operation less efficient.
How to perform the restart correctly
To ensure that the reset is effective, users must use methods based on the device’s physical buttons, avoiding software menus that can be simulated by malware. The procedure is simple, quick and does not result in data loss. Apple details two main ways to perform a complete and safe shutdown.
The first and most common method is to press and hold the side button and one of the volume buttons simultaneously. Após few seconds, the “slide to power off” slider will appear on the screen. When dragging it, the user must wait about 30 seconds for the iPhone to turn off completely before pressing the side button again to turn it on.
A second method, known as a force restart, is useful when the screen is unresponsive. The process involves quickly pressing and releasing the volume up button, then the volume down button, and then holding down the side button. The device should be kept like this until the Apple logo appears, indicating that the reset process has started successfully.
Update to iOS 26 as a permanent solution
Although rebooting is an important stopgap measure, the most robust and definitive solution against these threats is to keep the operating system up to date. The update to iOS 26 is crucial, as it contains security fixes (patches) that close the loopholes exploited by mercenary spyware. Dispositivos compatible devices, from iPhone 11 onwards, must install the new version without delay.
For older models that do not support iOS 26, Apple has released iOS 18.7.3, a security update that also fixes known vulnerabilities. It is essential that users check compatibility and apply the corresponding version to their device.
Market data indicates that a significant portion of users postpone or ignore system updates. Essa practice creates a large window of opportunity for cybercriminals, as security flaws in older versions are publicly documented and can be easily exploited.
The software update process itself requires a restart of the iPhone. Esse step ensures that all new fixes are correctly applied to the system core, strengthening the device’s defenses against the latest threats identified by the Apple security team.
Recommendations from international agencies
Apple guidance is supported by leading cybersecurity agencies around the world. ANSSI, the French information security agency, recommends the total and weekly shutdown of smartphones as a standard practice, emphasizing that the procedure must be done using physical buttons to prevent malware from simulating a false restart to deceive the user and maintain persistence.
In Estados Unidos, the NSA has maintained similar guidance for years, instructing government employees and the general public to restart their mobile devices regularly. Segundo the agency, this simple action is effective in interrupting the “kill chain” of a cyberattack, making it difficult for malware to communicate with its controllers and extract sensitive data.
Additional protective measures
For users who may be high-risk targets, Apple offers an extra layer of security called “Mode Lockdown” (Modo of Bloqueio). Este feature drastically restricts iPhone functionality to reduce the attack surface by limiting attachments in messages, blocking certain web technologies, and disabling wired connections when the device is locked. Ativar Mode of Bloqueio is an extreme but highly effective measure. The main barrier of protection, however, remains keeping iOS up to date. Users can ensure this by enabling automatic updates in the “Settings” section. Além Furthermore, it is crucial to avoid “jailbreaking”, a process that removes the operating system’s native security protections, leaving the device exposed to a wide range of threats.
Global impact of current threats
The sophistication and scope of these threats are increasing. Desde 2021, Apple has already sent threat notifications to users in more than 150 countries, warning them that they may have been targets of state-sponsored attacks. Espionage Ferramentas like Pegasus, developed by NSO Group, demonstrate the high level of resources and engineering behind these campaigns. Recent Pesquisas have confirmed that vulnerabilities patched in December 2025 continue to be actively exploited against devices that have not been updated. Embora the common citizen is rarely the direct target, the proliferation of these tools increases the risk that their technologies will leak into conventional cybercrime, increasing the danger for the entire user base.
