News Desk
New York — Nearly 100 journalists and civil society members were reportedly targeted by Israeli spyware firm Paragon using Meta’s WhatsApp, according to sources cited by The Guardian. The attack, which WhatsApp said it had “high confidence” in identifying, may have compromised the devices of those affected.
WhatsApp did not disclose the locations of the targeted individuals but confirmed it had sent Paragon a cease-and-desist letter following the breach. The company stated that it had successfully disrupted the spyware campaign in December, though it remains unclear how long the individuals had been under threat.
“This is the latest example of why spyware companies must be held accountable for their unlawful actions,” a WhatsApp spokesperson said, emphasizing its commitment to protecting private communication.
Paragon, whose U.S. office is based in Chantilly, Virginia, has faced scrutiny over its links to U.S. agencies. WIRED reported last October that the firm had secured a $2 million contract with the U.S. Immigration and Customs Enforcement (ICE). However, ICE later suspended the contract to assess its compliance with a Biden administration order restricting federal use of spyware.
The spyware, known as Graphite, can infiltrate a target’s phone, granting operators full access to messages on encrypted apps like WhatsApp and Signal. According to WhatsApp, the attack vector involved sending malicious PDF files to individuals after adding them to a group chat.
WhatsApp stated it was confident in linking Paragon to the attack, underscoring growing concerns over the use of commercial spyware against journalists and activists worldwide.
