On Friday, WhatsApp announced that it had thwarted a hacking initiative aimed at approximately 90 individuals, including journalists and civil society representatives.
A spokesperson for WhatsApp informed TechCrunch that this operation was associated with Paragon, an Israeli spyware firm that was acquired by American private equity firm AE Industrial Partners in December of the previous year.
“We have directly contacted individuals we believe were impacted. This incident underscores the necessity for holding spyware companies accountable for their unlawful actions. WhatsApp remains committed to safeguarding users’ rights to communicate privately,” stated WhatsApp spokesperson Zade Alsawah in a conversation with TechCrunch.
According to WhatsApp, the hacking campaign utilized harmful PDFs shared through WhatsApp groups to infiltrate targets, and the company has implemented measures to mitigate this threat. They also clarified that the targets were not required to take any specific actions for the hack to occur.
John Scott-Railton, a senior researcher at The Citizen Lab with extensive experience examining the misconduct of spyware firms, told TechCrunch that they, too, had noticed this hacking initiative by Paragon using the outlined attack method, and are currently investigating it.
WhatsApp conveyed to TechCrunch that it believes the hacking campaign took place in December and has since sent a cease and desist letter to Paragon.
Idan Nurick, the CEO of Paragon, did not provide a response to a comment request submitted via LinkedIn. AE Industrial also did not reply to inquiries.
This marks the first instance where Paragon has been publicly connected to a hacking campaign targeting journalists and civil society members. Since its inception in 2019, Paragon has managed to maintain a low profile, avoiding the scandals that have plagued other spyware companies like Intellexa and NSO Group, both of which have faced scrutiny from the U.S. government; Intellexa and its founders have been sanctioned, and NSO Group has been placed on a blocklist.
In September, Paragon, through its U.S. subsidiary, secured a contract with the U.S. Immigration and Customs Enforcement, as reported by Wired last year. The New Yorker noted that a source from Paragon indicated the contract came about following a vetting process where the company demonstrated safeguards to prevent targeting of U.S. residents by overseas clients.
It remains uncertain who the specific targets of the spyware campaign disclosed by WhatsApp are. The company stated that these individuals are located in over two dozen nations, including several across Europe.
Natalia Krapiva, senior tech-legal counsel at Access Now, an organization advocating for digital rights and examining abuses of spyware, commended WhatsApp’s actions.
“Paragon has long been regarded as a relatively ‘better’ spyware entity, not linked to obvious violations, but WhatsApp’s recent findings imply otherwise,” Krapiva stated to TechCrunch. “This is not merely an issue of a few bad actors — such abuses are systemic issues within the commercial spyware sector.”
Paragon’s official website claims that it “offers ethically-grounded tools, teams, and insights to combat persistent threats.”
This article has been updated with additional details provided by WhatsApp.
Compiled by Techarena.au.
Fanpage: TechArena.au
Watch more about AI – Artificial Intelligence
