WhatsApp accuses Israeli spyware firm Paragon of targeting journalists and activists

Paragon Solutions, which has an office in Virginia, USA, is known for developing Graphite, which functions similarly to the infamous Pegasus spyware created by NSO Group

WhatsApp has held Israeli spyware company Paragon Solutions responsible for conducting a sophisticated hacking campaign that targeted nearly 100 journalists, activists, and civil society members. Reports indicate that Paragon used its spyware, Graphite, in the attack. Graphite is a zero-click malware, meaning it can infiltrate devices without any action from the victim, making it particularly dangerous and difficult to detect.

Commercial spyware: A looming threat to privacy and security

WhatsApp asserts it has high confidence that around 90 individuals, including journalists and activists, were specifically targeted and potentially compromised. However, the company has not disclosed the geographic locations of the affected users. WhatsApp confirmed it notified the victims about the breach and is actively addressing the situation. Along with informing the affected individuals, WhatsApp has sent a cease-and-desist letter to Paragon Solutions, demanding an end to its activities. WhatsApp also stated that it is exploring legal options to hold the company accountable for the alleged misuse of spyware.

Also Read: Meta Confirms WhatsApp Spyware Attack on Journalists & Activists

Paragon Solutions, which has an office in Virginia, USA, is known for developing Graphite, which functions similarly to the infamous Pegasus spyware created by NSO Group. Once installed on a target’s device, Graphite grants attackers full access to encrypted apps like WhatsApp and Signal, allowing them to read private messages, monitor activity, and extract sensitive data.

However, WhatsApp has not determined which government or organization was behind the alleged attacks. Paragon Solutions reportedly has 35 government clients, all of which are democratic nations, according to a source familiar with the company, as per reports. Paragon is said to avoid working with countries accused of abusing spyware, such as Greece, Hungary, and India.

The bigger picture: Growing concerns over spyware abuse

This attack on WhatsApp users underscores the mounting concerns surrounding the use of commercial spyware by governments and private entities. Natalia Krapiva, senior tech legal counsel at Access Now, emphasized that such abuses are not isolated but reflect a systemic problem within the spyware industry. Krapiva’s comments suggest that the lack of regulation and oversight is enabling the proliferation of such harmful tools.

This incident follows WhatsApp’s legal victory against NSO Group in December 2024, when a California judge ruled that NSO was responsible for hacking 1,400 WhatsApp users in 2019, violating US hacking laws and the platform’s terms of service. As a result, NSO Group was added to the US Commerce Department’s blacklist in 2021.

WhatsApp has confirmed that it intervened to stop the attacks in December 2024, although the duration of the threats remains unclear. The company is working to support those impacted and strengthen its defences against future cyberattacks. 

Also Read: WhatsApp likely to replace ‘Communities’ tab with ‘AIs’