- WhatsApp has accused the PARAGON ESPION Software Company of targeting journalists
- The encrypted messaging application disrupted the campaign in December 2024
- A ceasefinit letter was published in Paragon by Whatsapp
WhatsApp revealed that he had disrupted a spy software hacking campaign targeting journalists and eminent members of civil society.
The spy software in question belongs to Paragon, a commercial spyware company founded by former Israeli intelligence officers, which WhatsApp Métadonnés has directly involved in the campaign.
WhatsApp says that around 90 of its users have been targeted with malicious PDF files, the victims being informed of the attempt, and a cease-up-end letter.
Paragon surprised journalists to target
According to WhatsApp, the campaign was discovered in December 2024 and did not have to open the PDF attachment, acting as a “zero click” deployment method.
“This is the last example of the reason why spy software companies must be held responsible for their illegal actions. WhatsApp will continue to protect people’s ability to communicate in private, “said WhatsApp spokesperson Zade Alsawah (via Techcrunch).
WhatsApp did not say where the victims of the campaign were based and could not determine when the campaign started.
In 2024, the US immigration and customs enforcement (ICE) signed a $ 2 million contract with paragon which included a “fully configured proprietary solution, including license, equipment, guarantee, maintenance and training ”, according to federal documents.
Although this is the first time that Paragon has been involved in a spy software campaign, many other commercial SPYware software developers have been involved in illegal operations.
The Israeli Society of Spy Software NSO Group is currently in the reticle of a Polish government survey on the deployment of PEGASUS spy software on thousands of opposition government devices.
At the beginning of 2024, WhatsApp won a battle of the Federal Court to be able to consult the source code of the PEGASUS spy software of the NSO group after the company was accused of having deployed the spy software on 1,400 mobile devices over a period of Two weeks in 2019.
“On the basis of Meta’s notification, this Spyware campaign was another precise attack targeting individuals with much appreciated access or contacts,” said Adam Boynton, director of senior security strategy Emeia in Jamf. “When spy software strikes, it is often a sophisticated threat that uses Advanced Advanced. Techniques to maintain persistence.”
“Meta should be congratulated for having proactively issued a warning concerning the attack. Encourage transparency and sure sharing of violation details will be essential to properly approach the threat posed by spy software. We recommend to people who believe that their device could be compromised allow preventive security features such as the locking mode for iPhone users as well as keep their devices on the latest version of the operating system, ”said Boynton .
