Reboot your phone now.
getty
This month is unprecedented. Spyware warnings from Apple and Google, affecting all Android, iPhone and Chrome users, were quickly followed by government agency alerts. Emergency updates were released for billions of smartphones within just a few days.
Now here’s another cyber agency warning for all those users. You must “reboot your device,” France’s equivalent to CISA warns, in a set of new guidelines released in conjunction with the U.K. cyber agency. But, it says, you must reboot in a specific way.
ForbesNew WhatsApp Attack—Hackers Gain ‘Full Access’ To AccountsBy Zak Doffman
CERT-FR says “the complete shutdown of the device stops all processes and removes all software residing only in memory, such as a memory-based, non-persistent spyware.” But clearly, “deletion of a spyware does not protect from reinfection” after a restart.
The more surprising warning is on how to reboot. CERT-FR says you must turn off then turn on the device, “without using the reboot feature, as some spyware is able to simulate a reboot to deceive the user.” And that would be especially devious.
The cyber agency urges users not to delay updating and rebooting devices. That means do it now. That happens anyway with a firmware update, such as iOS 26.2 on iPhone or December’s security release on Android. It does raise a question over Apple’s new background security fixes as and when they come, which may not require a reboot.
This reboot advice is not uncommon. America’s NSA has long-standing advice to “turn phones off and on” weekly, and that’s exactly how the spy agency words it, rather than referring to a reboot or restart which would suggest a possible software process.
ForbesPorn Hack—Has Your Pornhub Search And View History Leaked?By Zak Doffman
CERT-FR says “spyware deployed with the use of a zero-click vulnerability is the most sophisticated threat targeting mobile devices.” This is what we have seen disclosed this week for both iPhone and Android. Stealthy attacks “help avoid detection by existing only in the memory of the device so as to leave no trace of its presence.” That means an attacker “needs to re-compromise the device after each reboot.”
Even so, the weekly reboot advice is divisive. But given the current threat landscape and the nature of the chained spyware being disclosed, a weekly power cycle is a good idea. My advice is to pick a slot — Sunday evening, for example, and just form a habit.