Zero-click WhatsApp spyware targeted 90 journalists, says Meta

A zero-click WhatsApp spyware attack was made against 90 journalists and other “civil society members,” said Meta, which managed to detect the incident.

A zero-click attack means that victims don’t need to tap on a link or take any action in order for their devices to be compromised – simply receiving the message is enough …

Zero-click WhatsApp spyware

The most notorious company behind zero-click attacks is Israel’s NSO, whose Pegasus spyware operates through Apple’s Messages app.

Such attacks are especially dangerous because there is no way to protect against them short of switching on Apple’s Lockdown Mode, which disables most of the iPhone’s functionality.

The Guardian reports that this attack used Paragon’s Graphite spyware, a rival to Pegasus.

Nearly 100 journalists and other members of civil society using WhatsApp, the popular messaging app owned by Meta, were targeted by spyware owned by Paragon Solutions, an Israeli maker of hacking software, the company alleged on Friday.

The journalists and other civil society members were being alerted of a possible breach of their devices, with WhatsApp telling the Guardian it had “high confidence” that the 90 users in question had been targeted and “possibly compromised”.

Like Pegasus, Paragon’s spyware is used by a number of governments around the world. Meta says that it doesn’t know who is behind this attack.

Meta has notified those targeted, and is also exploring possible legal action against Paragon.

“WhatsApp has disrupted a spyware campaign by Paragon that targeted a number of users including journalists and members of civil society. We’ve reached out directly to people who we believe were affected. This is the latest example of why spyware companies must be held accountable for their unlawful actions. WhatsApp will continue to protect people’s ability to communicate privately,” a company spokesperson said. Paragon Solutions declined to comment […]

WhatsApp said it believed the so-called vector, or means by which the infection was delivered to users, was through a malicious pdf file that was sent to individuals who were added to group chats. WhatsApp said it could say with “confidence” that Paragon was linked to this targeting.

John Scott-Railton, a senior researcher at the Citizen Lab at the University of Toronto, which tracks and identifies digital threats against civil society, said Citizen Lab provided WhatsApp with some information that helped the company understand the vector that was used against the company’s users.

The group is expected to publish a report in the future that will provide more details about the alleged targeting.

Via Engadget. Photo by Rachit Tank on Unsplash.