BEWARE! WhatsApp alleges Israeli spyware firm of targeting dozens of users

An official with Meta Platforms' popular WhatsApp chat service alleged that Israeli spyware company Paragon Solutions had targeted scores of its users, including journalists and members of civil society. WhatsApp said in a statement that it "will continue to protect people's ability to communicate privately."

While the messaging platform did not disclose the locations of the affected individuals, it confirmed that it had notified them of the possible breach. WhatsApp also stated that it had sent a cease and desist letter to Paragon and was exploring legal options to hold the company accountable.

The officer refused to identify the exact target. However, he said that the targets were headquartered in over two dozen nations, including a number of Europeans. According to him, WhatsApp users received malicious electronic documents that compromised their targets without requiring any user interaction—a technique known as a "zero-click hack," which is thought to be very covert. The official refused to explain how it came to the conclusion that Paragon was behind the hack. He added that industry partners and law police had been notified, but he would not elaborate.

With its headquarters located in Virginia, USA, Paragon Solutions is well-known for its Graphite spyware, a program similar to the notorious Pegasus program created by NSO Group. Graphite gives the operator full access to a device when it is installed, including the ability to read communications transmitted by encrypted applications like Signal and WhatsApp.

The announcement from WhatsApp comes after the company recently won a lawsuit against another Israeli spyware manufacturer, NSO Group. A California judge found NSO accountable in December for breaching the platform's terms of service and US hacking laws by hacking 1,400 WhatsApp users in 2019. In 2021, NSO was placed on a US Commerce Department blacklist for actions that were thought to be against US national security interests.