Meta-owned WhatsApp has confirmed disrupting a spyware campaign that targeted 90 journalists and civil society members, linked to Israeli spyware firm Paragon Solutions.
The attack, neutralized in December 2024, used a zero-click exploit, meaning the spyware was deployed without user interaction, likely via PDF files sent in WhatsApp group chats.
WhatsApp notified affected users, stating it had "high confidence" they were targeted and possibly compromised. However, the identity of the attackers and the duration of the campaign remain unknown. In response, WhatsApp issued a cease-and-desist letter to Paragon and is considering further legal action.
Paragon, like NSO Group, develops government surveillance software, including Graphite, used for digital intelligence and forensic analysis. The company was acquired by AE Industrial Partners in a $500 million deal in December 2024. Reports indicate that Graphite was previously used by the U.S. DEA for counternarcotics operations, raising privacy concerns.
This revelation follows a California court ruling in favor of WhatsApp against NSO Group, which deployed Pegasus spyware on 1,400 devices in 2019. It also coincides with the arrest of former Polish Justice Minister Zbigniew Ziobro, accused of using Pegasus to monitor opposition leaders.
The incident underscores growing concerns over spyware misuse, reinforcing the need for stricter global regulations on digital surveillance and privacy protections
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
