WhatsApp has disclosed that an Israeli maker of hacking software, Paragon Solutions, targeted at least 90 WhatsApp users around the world (mostly journalists and Activists).
The infection happened with no interaction, that is victims didn’t need to click a link or attachment to activate it. This is called a “zero-click” attack. Generally, even security-aware and sophisticated users would not be able to protect themselves against such an attack.
Paragon’s hacking software is used by government clients and WhatsApp said it had not been able to identify the clients who ordered the attacks.
WhatsApp said it had sent Paragon a “cease and desist” letter and that it was exploring its legal options. WhatsApp has said it’s notifying victims of the hacking.
Said a WhatsApp spokesperson:
“WhatsApp has disrupted a spyware campaign by Paragon that targeted a number of users including journalists and members of civil society. We’ve reached out directly to people who we believe were affected. This is the latest example of why spyware companies must be held accountable for their unlawful actions. WhatsApp will continue to protect people’s ability to communicate privately,”
A guardian article says a source close to Paragon revealed “Paragon had 35 government customers.” Which governments these are is not disclosed. Paragon has spyware called Graphite, which, when it infects a phone, gives the attack access to the whole phone including messages in WhatsApp and other otherwise “secure” apps.
Spyware Makers
Paragon Solutions is by no means the only spyware maker making it’s software available to governments and other unsavoury characters looking to spy on people on the internet. Others include:
- NSO Group – Known for their Pegasus spyware. Based in Israel, they’ve received significant public attention for developing tools used against journalists, activists, and political figures.
- Candiru – Another Israeli firm that develops spyware for government clients. They’ve been identified in investigations by Microsoft and CitizenLab.
- Cytrox – Maker of Predator spyware, they’ve been documented selling surveillance tools to various government clients.
- Hacking Team – An Italian company known for their Remote Control System (RCS) malware. They became widely known after a major data breach exposed their client list and operations.
- FinFisher (formerly part of Gamma Group) – Developed surveillance software marketed to law enforcement and intelligence agencies.
- DarkMatter – A UAE-based cybersecurity company that has been linked to surveillance operations.
