By Russia Today | Created at 2025-01-31 20:20:16 | Updated at 2025-01-31 23:39:25
3 hours ago
The messenger has issued a cease-and-desist letter to Paragon Solutions following the hack attack
Meta’s popular messaging platform WhatsApp has alerted nearly 100 journalists and civil society members to potential device breaches involving spyware from Israeli firm Paragon Solutions, a company official told Reuters on Friday.
These individuals have likely been compromised through a zero-click attack, possibly initiated via a malicious PDF sent in group chats, according to WhatsApp.
The identity of the attackers remains unknown, though Paragon’s software is typically used by government clients. After detecting and disrupting the hacking effort, WhatsApp issued a cease-and-desist letter to Paragon. The incident has been reported to law enforcement and Citizen Lab, a Canadian internet watchdog.
Paragon declined to comment on the accusations, according to Reuters.
Citizen Lab researcher John Scott-Railton told the outlet that the incident “is a reminder that mercenary spyware continues to proliferate and as it does, so we continue to see familiar patterns of problematic use.”
Paragon’s website advertises "ethically based tools, teams, and insights to disrupt intractable threats,” and claims to only sell to governments in stable democratic countries. The company’s products include Graphite, spyware that allows total phone access.
Despite Paragon’s claims of ethical practices, WhatsApp’s findings suggest otherwise, Natalia Krapiva, senior tech-legal counsel at Access Now, told Reuters. She emphasized that such abuses are not isolated incidents, saying, “This is not just a question of some bad apples – these types of abuses (are) a feature of the commercial spyware industry.”
This incident follows a series of legal challenges against Israeli spyware firms. In December 2024, a US judge ruled that NSO Group, the maker of Pegasus spyware, was liable for hacking the phones of 1,400 individuals through WhatsApp in May 2019, violating US state and federal hacking laws, and WhatsApp’s terms of service. A separate trial in March will determine what damages NSO Group owes WhatsApp.
Legal documents from ongoing US litigation between NSO Group and WhatsApp have revealed that it is the Israeli cyberweapons maker NSO Group, not its government clients, that installs and extracts information using its spyware. This disclosure contradicts NSO’s prior claim that only clients operate the system without NSO’s direct involvement.
