Meta-owned WhatsApp has successfully disrupted a sophisticated spyware campaign that targeted approximately 90 journalists and civil society members. The attack, attributed to Israeli spyware firm Paragon Solutions, was neutralized in December 2024.
Zero-Click Attack Puts WhatsApp Users at Risk
According to a statement provided to The Guardian, WhatsApp confirmed that affected users had been notified and that there was "high confidence" in their accounts being targeted or potentially compromised. The full extent of the attack remains unclear, including its duration and the identities of those responsible.
Unlike conventional cyberattacks, this campaign utilized a zero-click exploit, allowing spyware deployment without any user interaction. It is believed that a specially crafted PDF file was distributed within WhatsApp group chats, triggering the infection upon delivery.
Meta Takes Action Against Paragon Solutions
In response, Meta issued a cease-and-desist letter to Paragon Solutions and is reportedly exploring further legal and technical actions. This marks the first publicly known case where Paragon's spyware technology has been exploited maliciously.
Paragon Solutions, similar to the notorious NSO Group, develops surveillance software called Graphite, which is marketed to government agencies for cybersecurity and intelligence purposes. The company was recently acquired by AE Industrial Partners, a U.S.-based investment firm, in a $500 million deal.
Despite its claims of offering "ethically based tools" for tackling digital threats, Paragon's software has raised concerns over its misuse. Reports indicate that the U.S. Drug Enforcement Administration (DEA) utilized Graphite in counternarcotics operations in 2022. Additionally, in 2023, the Center for Democracy and Technology (CDT) urged the Department of Homeland Security (DHS) to disclose details about its $2 million contract with Paragon.
WhatsApp’s Ongoing Fight Against Spyware
This revelation follows a major legal victory for WhatsApp against NSO Group. A California court recently ruled in favor of WhatsApp, holding NSO accountable for deploying Pegasus spyware to infect 1,400 devices in May 2019.
The disclosure also coincided with the arrest of former Polish Justice Minister Zbigniew Ziobro, who is accused of authorizing Pegasus spyware to surveil opposition figures.
Final Thoughts
Meta's latest action against spyware reinforces the growing concerns over the use of surveillance technology and its implications for privacy and digital rights. As spyware threats evolve, WhatsApp and other platforms must continuously bolster security measures to protect users from unauthorized surveillance.