About 100 journalists and civil society activists were targeted by Israeli spyware company Paragon Solutions and their devices were infiltrated through WhatsApp. Meta said it had “high confidence” that users could have been attacked and compromised. The victims were infected on their devices without clicking on any malicious links. The primary vector of infection was a malicious PDF sent in a group chat.
WhatsApp notified the victim of the potential data breach and issued a cease and desist order against Paragon Solutions. The attack has raised new concerns about global cybersecurity and the use of commercial spyware by governments. Paragon Solutions, founded by former Israeli Prime Minister Ehud Barak, has officially stated that it only works with “democratic countries.” However, it has been criticized by digital security experts for its spying capabilities, similar to those of Pegasus (NSO Group).
Paragon Solutions first came to light in October 2024 when Wired reported that the company had signed a $2 million contract with the U.S. Department of Homeland Security. The contract was later terminated due to a review of Biden’s executive order restricting the use of spyware by federal agencies. WhatsApp previously won a lawsuit against NSO Group, which was blacklisted by the U.S. in 2021 for violating national security. It was.
The Paragon Solutions case is yet another example of how spyware remains a serious threat to encrypted messaging apps like WhatsApp and Signal. Tech companies and human rights groups are calling for greater international oversight of the spread of such software
96 
94 
105 