Apple’s Lockdown Mode continues to stand out as one of the toughest consumer security features available on any smartphone. Nearly four years after its debut in 2022, there are still no known cases of a device running Lockdown Mode being successfully compromised by commercial spyware, according to a new TechCrunch report citing both Apple and outside researchers.
Apple says the feature was designed for the small number of users who may face highly targeted digital threats because of their work, identity, or public role. That includes journalists, activists, government personnel, and others who could be singled out by advanced surveillance tools rather than ordinary malware campaigns.
An Apple spokesperson told the publication that the company is not aware of any successful attacks against devices with Lockdown Mode enabled. Independent groups appear to back that up. Researchers at Amnesty International’s Security Lab said they have not found evidence of successful compromises in the dozens of spyware cases they have investigated involving this setting, while the University of Toronto’s Citizen Lab has previously reported that the feature helped block high-end tools such as Pegasus and Predator.
The report adds an interesting detail: some attackers may stop trying once they detect that the target device is using Lockdown Mode. Google security researchers previously documented an iPhone attack chain in which the spyware appeared to abandon the infection attempt after recognizing the feature was enabled, likely because the hardened environment reduced the odds of success and increased the risk of detection.
That lines up with how Apple designed the feature. Lockdown Mode cuts down the device’s remote attack surface by limiting message attachments, restricting certain web technologies in WebKit, and disabling other pathways commonly abused in zero-click or low-interaction exploits. The trade-off is a less flexible user experience, but for high-risk users, that compromise can make sense.
For most people, Apple still doesn’t present Lockdown Mode as something that needs to stay on all the time. But the feature’s track record is starting to look impressive. In an era when commercial spyware vendors keep refining their tools, a nearly four-year run without any known successful break-ins is a strong signal that aggressive hardening can work when it’s implemented well.
