A significant spyware campaign orchestrated by the Israeli company Paragon has recently been uncovered by WhatsApp, impacting 90 individuals including journalists and members of civil society. The affected users have been notified directly by the platform.

Details of the Spyware Campaign

The Meta-owned WhatsApp platform identified that around 90 individuals, primarily journalists and civil society activists, were victims of a spyware attack. Although WhatsApp communicated the breach directly to those affected, the specific locations of the individuals targeted have not been disclosed.

Role of Paragon Solutions

The spyware attack has been attributed to Paragon Solutions, an Israeli firm owned by AE Industrial Partners. The attackers used malicious PDF files sent via WhatsApp groups, executing a "zero-click" attack that required no interaction from the victim to be compromised. To counter this attack vector, WhatsApp has issued a security update.

Investigation and Response

This incident is under investigation by cybersecurity experts, including John Scott-Railton from The Citizen Lab, who shared his findings on the social media platform X (formerly Twitter).

The campaign is believed to have taken place in December, prompting WhatsApp to send a cease and desist letter to Paragon. Despite being in operation since 2019, this is the first public controversy for Paragon, unlike other infamous spyware firms such as Intellexa and NSO Group, which have faced sanctions and blacklisting by the U.S. government.

Paragon's Background

Paragon's situation was highlighted in Wired Magazine's report from October, detailing a $2 million contract with the U.S. Immigration and Customs Enforcement's homeland security unit.

This development follows WhatsApp's successful legal battle against NSO Group, another Israeli spyware company, which had exploited a vulnerability in WhatsApp to deploy Pegasus spyware.

Scope of the Attack

The recent attack by Paragon extended over two dozen countries, with notable impacts across Europe. Italian media outlet fanpage.it reported itself as one of the targets. WhatsApp worked with The Citizen Lab to conduct a thorough investigation into the breach.

Moving Forward

Paragon and AE Industrial Partners have yet to address the situation publicly. However, WhatsApp's actions against Paragon and its previous legal success against NSO Group underscore its commitment to combating the spyware industry and safeguarding user privacy.

In a statement, WhatsApp emphasized the need for accountability among spyware companies and reiterated its determination to protect users' privacy and secure communication.

The link has been copied!