- WhatsApp has accused the spy company of Spyware Paragon to aim journalists
- The encrypted messaging application interrupted the campaign in December 2024
- WhatsApp has issued a Cessation and District letter to Paragon
WhatsApp has revealed that a spyware piracy campaign aimed at journalists and prominent members of civil society has interrupted.
The Spyware in question belongs to Paragon, a commercial spyware company founded by former Israeli intelligence officers, which Metsapp has directly involved in the campaign.
WhatsApp says that about 90 of its users were attacked with malicious PDF files, and the victims were notified of the attempt, and a cessation and withdrawal letter were issued to Paragon.
Paragon trapped aimed at journalists
According to WhatsApp, the campaign was discovered in December 2024, and did not require users to open the PDF attached file, acting as a “click zero” implementation method.
“This is the last example of why Spyware companies must be responsible for their illegal actions. WhatsApp will continue to protect people’s ability to communicate privately, ”said WhatsApp spokesman Zade Alsawah (through Techcrunch).
WhatsApp has not said where the victims of the campaign were based and could not determine when the campaign began.
In 2024, the United States immigration and customs control (ICE) signed a $ 2 million contract per year with Paragon that included a “fully configured patented solution that includes license, hardware, guarantee, maintenance and training,” says the federal documents.
While this is the first time that Paragon has been involved in a Spyware campaign, many other commercial spyware software developers have been involved in illegal operations.
The Israeli Spyware NSO Group is currently in the sights of a Polish government investigation on the deployment of Pegasus spyware in thousands of opposition government devices.
At the beginning of 2024, WhatsApp won a battle of the Federal Court to see the source code of the Pegasus Spyware of the NSO group after the company was accused of deploying the Spyware in 1,400 mobile devices for a period of two weeks in 2019.
“According to the finish line, this Spyware campaign was another precise attack aimed at people with highly valued access or contacts,” said Adam Boynton, Senior Emeia Security Strategy Manager in JAMF. “When Spyware hits, it is often a sophisticated threat that uses advanced techniques to maintain persistence.”
“Meta must be praised for proactively issuing a warning about the attack. Promoting transparency and safe exchange of non -compliance details will be essential to adequately address the threat raised by Spyware. We recommend that people who believe that their device could be compromised allows preventive safety features, such as block mode for iPhone users, as well as maintaining their devices in the latest version of the operating system, ”said Boynton.
