CISA Warns of Global Spyware Threat Targeting WhatsApp, Instagram, TikTok Users — Nigeria Included
Online conversations on popular apps such as WhatsApp, Instagram, TikTok, Telegram, and Facebook Messenger are now under serious threat, following a global cybersecurity alert issued by the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
According to a report by Forbes, multiple cyber threat actors are actively using commercial-grade spyware to infiltrate mobile devices worldwide. The spyware, still in development or limited testing, allows attackers to take full control of smartphones, bypass security features, and harvest banking credentials, all while evading encrypted messaging protections.
CISA’s findings reveal that attackers are not breaking encryption. Instead, the spyware reads messages after users decrypt them on their screens.
“The attackers have not broken encryption. What they have done is create a technical process that reads your messages once they appear on your smartphone screen,” Forbes reported.
Nigeria Not Exempt From Global Spyware Wave
While initially believed to target high-profile individuals in the U.S. and Europe, the threat has now reached Nigeria, where both iPhone and Android users have reported unusual hacking attempts.
The spyware’s design allows it to operate remotely and globally, meaning a device in Lagos is just as vulnerable as one in New York or London. Nigeria’s reliance on imported smartphones, mainly from China and the U.S., also increases exposure to such global threats.
Real Victim Accounts in Nigeria
Emmanuel, a Lagos-based iPhone 11 Pro Max user, described repeated hacking attempts on his apps:
“For two weeks now, someone has been trying to hack into most of the accounts I manage on my iPhone. This morning, I noticed an attempt to hack a TikTok account. When I checked, two-factor authentication had been turned off on all my social media platforms.”
Blessing, an Android user on a Tecno device, noticed suspicious activities targeting her WhatsApp communities:
She observed attempts to infiltrate the WhatsApp groups she manages, an indication of efforts to steal information or spread disinformation.
These cases highlight that regular Nigerian users, not just public figures, are becoming targets.
How to Secure Your iPhone or Android Device From Spyware Attacks
Based on guidance from CISA, here are essential steps to protect your smartphone:
iPhone Security Measures
1. Enable Lockdown Mode (For High-Risk Individuals)
Recommended for journalists, activists, and administrators of sensitive accounts.
2. Audit App Permissions
Check which apps have access to your Camera, Microphone, and Location. Revoke unnecessary access.
3. Use iCloud Private Relay
This feature masks your IP address, adding a privacy shield while browsing.
4. Disable SMS Fallback for iMessage
Prevent messages from falling back to unencrypted SMS if iMessage fails.
Android Security Measures
1. Ensure Google Play Protect Is Enabled
This continuously scans your device for malware.
2. Restrict App Permissions
Limit access to your Camera, Microphone, Contacts, and other sensitive features.
3. Turn On Enhanced Safe Browsing in Chrome
Provides stronger protection against malicious websites and downloads.
4. Download Apps Only From Google Play Store
Avoid APKs and sideloaded apps, major malware campaigns like the Sturnus Trojan spread through fake downloads.
Security Tips for Both iPhone and Android Users
1. Update Your Device and Apps Regularly
Updates patch security vulnerabilities exploited by spyware.
2. Stop Using SMS for Two-Factor Authentication
Use app-based authentication tools such as:
- Google Authenticator
- Microsoft Authenticator
- Authy
3. Verify Linked Devices
Check active sessions on:
- Telegram
Log out of any unfamiliar devices immediately.
4. Use a Secure Password Manager
Generate long, unique passwords to prevent attackers from compromising multiple accounts.
As spyware attacks intensify globally, Nigerian smartphone users must adopt stronger cybersecurity practices to stay protected. Regular device audits, updates, and secure authentication methods remain the most effective defence against emerging threats.
