WhatsApp, the instant messaging app owned by Meta, has revealed a serious privacy intrusion in which advanced Israeli spyware was used to attack mobile devices of journalists and civil society members in several countries. This incident highlights the growing risks of digital surveillance and the ethical implications of these technologies.
According to information shared by the company, Around 90 people were victims of this cyber attack, which was carried out using Graphite, a spyware developed by Paragon Solutions, an Israeli company specializing in cybersecurity tools. WhatsApp claimed to have identified and blocked the attack in December 2024, although it is not clear how long the devices were compromised.
An unprecedented attack: the “zero-click” method
The spying was carried out using a technique known as "zero click," in which no user interaction required to infect the device. In this case, the malware is suspected to have spread via a PDF file sent in chat groups. This method represents a particularly high risk due to its difficulty in being detected.
Graphite software provides full device access Once installed, including encrypted messages sent through apps like WhatsApp and Signal, this level of intrusion allows spy operators to monitor conversations and activities with impunity.
WhatsApp reactions and ongoing legal actions
WhatsApp has sent a cease and desist letter to Paragon Solutions and notified affected individuals directly about this incident. The company is also exploring legal options to tackle the misuse of spyware, highlighting the need for greater regulation in this sector.
A WhatsApp spokesperson stressed the importance of protecting digital communications and stressed that such attacks expose illegal practices by companies that develop surveillance programs. Paragon Solutions has not yet issued any comments on the matter.
A controversial industry and software under scrutiny
Graphite, the spyware in question, shares features with Pegasus, another surveillance program created by NSO Group that has sparked international controversy over its misuse. These tools are often promoted as essential for combat crime and protect national security, But They are systematically used to spy on journalists, activists and political figures..
Paragon Solutions, founded in 2019 in Israel, has been the subject of multiple investigations for its possible links to governments that use these technologies in questionable waysThe company was recently acquired by US investment group AE Industrial Partners for $900 million, raising further suspicions about its operations.
Implications and future research
The Citizen Lab group, known for tracking digital threats, collaborated with WhatsApp to identify key details of the attack. The center is expected to soon publish a report that expands on how the intrusion was carried out. Additional information is also expected measures that could be taken to prevent similar incidents in the future.
The revelations in this case call into question the integrity of companies like Paragon Solutions. They also underline the need for a Stricter regulatory framework for the spyware industryThe continued expansion of these tools raises serious concerns about privacy and global communications security.
The current situation shows that messaging apps can become backdoors for espionage if adequate safeguards are not implemented. This case may be the trigger for a broader debate on the ethics and regulation of these emerging technologies.