WhatsApp Reveals Global Spyware Campaign Targeting Journalists, Civilians
TEHRAN (Tasnim) - Approximately 90 users of Meta’s WhatsApp were targeted in a global spyware campaign orchestrated by Israeli firm Paragon Solutions, according to a WhatsApp spokesperson.
The attack, which spanned over two dozen countries, primarily in Europe, focused on journalists and civil society members.
A WhatsApp spokesperson told NBC News that Paragon Solutions exploited a method to illegally access networks, using malicious PDF files sent through groups.
The spokesperson stated, “The vector involved using groups and sending a malicious PDF file,” adding that the company has “successfully disrupted this exploitation vector.”
WhatsApp has issued a cease-and-desist letter to Paragon Solutions following the attempted attacks.
Affected users were notified via WhatsApp chat and provided with guidance on protecting themselves from spyware.
Paragon Solutions did not respond to a request for comment.
A WhatsApp help page on spyware explained, “These attackers look for vulnerabilities in apps or the mobile phone operating system or try to trick users into clicking on malicious links or downloading malware — all to gain unauthorized access that can damage your phone, steal your information and put your privacy and security at risk.”
Francesco Cancellato, editor-in-chief of Italian online newspaper Fanpage.it, revealed he was among the journalists targeted.
In a message to Cancellato, WhatsApp confirmed it had halted the attack in December.
The campaign was tracked with the help of WhatsApp’s security team and Citizen Lab, a cybersecurity research lab at the University of Toronto’s Munk School of Global Affairs.
John Scott-Railton, a senior researcher at Citizen Lab, told NBC News, “When a phone is infected, the operator of that spyware can typically do anything that you as a user can do on the phone.”
He added, “They can access your encrypted messages, your chats, look at your photographs, browse your messages, listen to your voice memos, look at your notes, read your contacts, get your passwords, and also do some number of things that you can’t do, like silently activating the microphone to listen to a conversation you might be having in a room, or turning on the camera.”
This is not the first time WhatsApp has collaborated with Citizen Lab.
In 2019, WhatsApp sued Israeli surveillance firm NSO Group, accusing it of aiding government spies in hacking over a thousand users, including journalists and diplomats.
A US judge ruled in favor of WhatsApp in December, the same month Florida-based investment group AE Industrial Partners acquired Paragon Solutions.
Paragon Solutions is believed to still operate in Israel.
Natalia Krapiva, senior tech-legal counsel at nonprofit Access Now, noted that attacks on journalists and civil society actors are becoming increasingly common.
“Last time WhatsApp notified NSO victims in 2019, we have seen a flood of lawsuits, sanctions, and other consequences for this industry,” Krapiva said.
She added, “But we need more action by lawmakers and the tech sector to reign in the industry as it obviously cannot police itself.”
