WhatsApp has claimed that some users were “possibly compromised” by spyware, according to a report by The Guardian. The Meta-owned messaging app went on to allege that nearly 100 journalists and activists were targeted in the attack. Additionally, the platform says it has “high confidence” that the Graphite spyware came from Paragon Solutions, a company founded in Israel that was recently acquired by a US investment firm.
Hacking experts allege that this was a “zero-click” attack, meaning that the targeted users wouldn’t have had to click on a nefarious link to get infected. This is a similar method to another large-scale WhatsApp hack, in which spyware called Pegasus infected over 1,400 devices. Once a device is infected by something like Pegasus or Graphite, the spyware operator has total access. This even includes the ability to read messages sent via encrypted applications like WhatsApp and Signal.
WhatsApp says it has informed the 100 or so users of the potential attack, but has declined to disclose where they are based and who they are. It did say that it disrupted the alleged attacks back in December, though it's unclear how long the targets may have been under threat.
“This is the latest example of why spyware companies must be held accountable for their unlawful actions. WhatsApp will continue to protect people’s ability to communicate privately,” a company spokesperson said. WhatsApp has sent Paragon a “cease and desist” letter and says that it’s exploring legal options.
As for Paragon, it recently entered into a controversial $2 million contract with the US Immigration and Customs Enforcement (ICE) department. Wired reports that the one-year contract tasks Paragon with providing a “fully configured proprietary solution including license, hardware, warranty, maintenance and training.” The company has yet to respond to the allegations from WhatsApp.
)
English (US) ·