According to a WhatsApp representative who spoke to NBC News, an Israeli spyware outfit named Paragon Solutions is suspected of targeting about 90 customers of Meta’s communication program WhatsApp with a spyware operation.
According to the spokesperson, the hack specifically targeted users in more than two dozen countries, mostly in Europe, including journalists and civil society activists. They further stated that Paragon Solutions targeted the users by employing avector, a technique for gaining unauthorized access to a network, and that the vector included mailing a malicious PDF file and leveraging groups. The business has effectively blocked this avenue of exploitation, the representative continued.
Following the string of attempted attacks, WhatsApp delivered a cease-and-desist letter to Paragon Solutions. According to the spokesman, people who are thought to be impacted have been informed via WhatsApp conversation and given advice on how to stay safe from spyware. A request for comment was not immediately answered by Paragon Solutions.
In order to obtain unauthorized access that can harm your phone, steal your data, and jeopardize your privacy and security, these attackers search for flaws in apps or the operating system of mobile phones, or they attempt to fool users into clicking on malicious links or downloading malware, according to a WhatsApp help page on spyware.
The head editor of the Italian online newspaper Fanpage.it, Francesco Cancellato, revealed in an article that he was among the journalists targeted by the assault. WhatsApp claimed to have halted the attack in December in the message it sent Cancellato alerting him that he might have been impacted.
According to the spokesperson, the spyware campaign was tracked with assistance from the company’s security team and Citizen Lab, a cybersecurity research lab located at the University of Toronto’s Munk School of Global Affairs.
A hack like this one can make a phone become a spy in your pocket, according to John Scott-Railton, a senior researcher at Citizen Lab, who spoke to NBC News.
According to Scott-Railton, when a phone is infected, the spyware operator can usually do anything that you, as the user, can do on the phone. They have access to your encrypted messages, chats, photos, messages, voice memos, notes, contacts, passwords, and a variety of other things that you are unable to do, such as turning on the camera or silently turning on the microphone to listen in on a conversation you may be having in a room.
In 2019, WhatsApp collaborated with Citizen Lab after suing Israeli surveillance company NSO Group, alleging that the messaging service let government spies hack the phones of more than 1,000 users, including political dissidents, journalists, diplomats, and high-ranking government officials. A U.S. judge decided in favor of WhatsApp in December. In the same month, NSO Group’s rival, the Florida-based investment group AE Industrial Partners, purchased Paragon Solutions. Paragon Solutions is still thought to be active in Israel.
These attacks on journalists and other civil society actors are growing more frequent, according to data conducted by the internet access NGO Access Now, according to Natalia Krapiva, senior tech-legal counsel.
“We have seen a flood of lawsuits, sanctions, and other consequences for this industry since WhatsApp last notified NSO victims in 2019,” Krapiva added. However, since the industry is clearly unable to regulate itself, greater action from policymakers and the tech sector is required to bring it under control.