Meta Blocks Paragon Spyware Targeting Journalists on WhatsApp

Meta has confirmed a zero-click spyware attack on WhatsApp that targeted around 90 journalists and civil society members across more than two dozen countries. The breach, detected in December 2024, involved spyware from Israeli firm Paragon Solutions, delivered via a malicious PDF file in WhatsApp group chats.

The attack required no user involvement, making it particularly dangerous. WhatsApp notified the affected individuals, stating it had "high confidence" that they were targeted and possibly compromised. While the perpetrators remain unknown, Meta has taken action against Paragon Solutions, issuing a cease-and-desist letter and considering further measures.

Paragon Solutions, similar to the NSO Group, develops surveillance software for government agencies. Its flagship product, Graphite, is built to counter digital threats. However, this incident marks the first known misuse of its technology. The company, acquired by U.S. investment firm AE Industrial Partners in December 2024 for $500 million, states to provide ethically based tools for cyber operations.

Reports indicate that Graphite was previously deployed in U.S. DEA counternarcotics efforts. In 2024, the Center for Democracy and Technology urged the Department of Homeland Security to disclose details of a $2 million contract with Paragon, raising concerns about the company’s role in surveillance activities.

The revelation of this attack coincides with a legal victory for WhatsApp against the NSO Group, whose Pegasus spyware was used in a similar attack on 1,400 devices in 2019. A California judge recently sided with WhatsApp, reinforcing the company’s stance against spyware firms exploiting its platform.

Additionally, news of the WhatsApp attack emerged as former Polish Justice Minister Zbigniew Ziobro was detained by police for allegedly approving the use of Pegasus spyware to monitor political opponents. This highlights the growing concerns over government-linked surveillance programs and the misuse of commercial spyware against journalists and activists.

Meta continues to advocate for stronger accountability for spyware vendors, emphasizing the need to protect users from unauthorized surveillance. WhatsApp reaffirmed its commitment to ensuring private communication and providing security measures to prevent future breaches.