In a recent disclosure, WhatsApp has revealed that approximately 90 journalists and members of civil society across more than two dozen countries were targeted by spyware developed by the Israeli firm Paragon Solutions. The spyware, known as Graphite, is capable of infiltrating devices without any user interaction—a method referred to as a “zero-click” attack—allowing it to access encrypted messages and other sensitive information.
Whatsapp detects and disrupts hacking attempt
WhatsApp detected and disrupted the hacking attempt, subsequently notifying the affected individuals and issuing a cease-and-desist letter to Paragon Solutions. The company has also reported the incident to law enforcement agencies and collaborated with Citizen Lab, a Canadian internet watchdog, to investigate the matter further.
Paragon Solutions, which was recently acquired by AE Industrial Partners, has declined to comment on the allegations. The company claims to sell its spyware exclusively to stable democratic governments and asserts that it does not conduct business with countries accused of past spyware misuse. Paragon Solutions has used a vector, a method to illegally access a network, to target the users and that the vector involved using groups and sending a malicious PDF file. The spokesperson added that the company has successfully disrupted this exploitation vector.
One of the known targets of this spyware campaign is Francesco Cancellato, the editor-in-chief of Italian investigative news outlet Fanpage. Cancellato received a notification from WhatsApp informing him that his device had been compromised. His investigative work has included exposing extreme right-wing elements within Italy’s political landscape, which may have made him a target.
This incident underscores the ongoing challenges posed by commercial spyware and its potential misuse against journalists and civil society members. Despite claims of ethical practices by spyware companies, such attacks highlight the need for increased accountability and regulation within the industry.
When a phone is infected, the operator of that spyware can typically do anything that you as a user can do on the phone. They can access your encrypted messages, your chats, look at your photographs, browse your messages, listen to your voice memos, look at your notes, read your contacts, get your passwords, and also do some number of things that you can’t do, like silently activating the microphone to listen to a conversation you might be having in a room, or turning on the camera.
WhatsApp’s recent legal victory against another Israeli spyware maker, NSO Group, further emphasizes the company’s commitment to protecting user privacy. A U.S. federal judge ruled that NSO Group had violated state and federal hacking laws by using its Pegasus spyware to target WhatsApp users. This ruling marks a significant milestone in holding spyware companies accountable for unlawful surveillance activities.
The emergence of spyware like Graphite and Pegasus highlights the pressing need for robust cybersecurity measures and legal frameworks to protect individuals from unauthorized surveillance. As technology continues to evolve, so too must the strategies and regulations designed to safeguard privacy and uphold democratic freedoms. But we need more action by lawmakers and the tech sector to reign in the industry as it obviously cannot police itself.
Miracle technologies is a comprehensive NYC based Managed IT Services for Business IT Infrastructures. Our platform is built upon years of unmatched experience at AT&T Labs Research and renowned Wall Street MSPs. We offers cloud support, data center support, C suite services, backbone servers support, security servers, 24/7 managed IT support and Business Continuity/Disaster Recovery.
Our team of IT Support Engineers have consistently overdelivered year after year. Our platform designs, consolidates, upgrades and maintains any IT infrastructure aspect of your business. Our qualified IT support engineers keep your cloud, data centers, vendors management, all backend servers, firewalls, routers, switches, emails, security, and end users devices optimized, while you focus on your core business.
Free IT Support Quotes/Sign Up
myteam@miracletechs.com
(646) 237-4472