Associated Incidents
WhatsApp announced Friday that it identified spyware developed by the Israeli offense-focused cybersecurity company Paragon that breached the accounts of what the Meta-owned company said was nearly 100 journalists and civil society activists.
This is the first time the company, which was recently sold to an American defense contractor, has been linked to cases where the technology may have been abused.
Paragon works exclusively with state entities, including the Israeli security establishment and the FBI in the U.S., providing them with hacking capabilities in the form of spyware called Graphite.
A WhatsApp official told Reuters it had detected an effort to hack approximately 90 users of its platform. WhatsApp did not disclose the location of the targets.
The official declined to say who, specifically, was targeted or where they were geographically, saying only that targets included an unspecified number of people in civil society and media. He said WhatsApp had since disrupted the hacking effort and was referring targets to Canadian internet watchdog group Citizen Lab.
The official declined to discuss how it ascertained that Paragon was responsible for the hack. He said law enforcement and industry partners had been informed, but declined to go into detail.
The FBI did not immediately return a message seeking comment.
The announcement by WhatsApp comes at a dramatic time for the offensive spyware market. After four years of a crackdown on the industry by the American administration, Trump's return to the White House is expected to see the U.S. shift policies like those that saw Paragon's biggest competitor NSO blacklisted.
A U.S. court ruled in December in favor of WhatsApp, owned by Meta, in its lawsuit against the Israel-based NSO Group, the maker of Pegasus spyware. The court held NSO liable for phone hacking conducted with its spyware, which is licensed by Israel for sale to state entities, including, at times, the U.S.
Meta first sued NSO in 2019, alleging the spyware exploited a WhatsApp vulnerability to hack 1,400 devices. NSO denied the allegations and unsuccessfully argued since 2020 that it was entitled to sovereign immunity, given its state-approved sales to law enforcement and intelligence agencies. The U.S. Supreme Court declined to review the immunity question, leaving lower court rulings intact that held NSO, not Israel, accountable for misuse of its technology.
Industry executives told Haaretz at the time that they believed that after Trump was back in office, he would remove NSO from the American blacklist to which it and another Israeli firm, Candiru, were added by the Biden administration. They also viewed the effort to get the legal proceedings concluded between Meta, which is not perceived as being close to Trump, and NSO, which is considered close to Israeli Prime Minister Benjamin Netanyahu, as related.
Citizen Lab researcher John Scott-Railton said the discovery of Paragon spyware targeting WhatsApp users on Friday "is a reminder that mercenary spyware continues to proliferate and as it does, so we continue to see familiar patterns of problematic use."
Paragon was founded by former Prime Minister Ehud Barak and is managed by the former commander of the elite military intelligence unit 8200, Ehud Schneorson. Its activity is supervised by the Defense Ministry and it has developed the Graphite spyware, which it sold to enforcement agencies in Israel, Europe and the United States.
Paragon was sold to an American investment firm for over half a billion dollars in December in a deal that symbolized the start of a new era in Washington and Jerusalem's ties over commercial spyware.
Paragon was purchased by RED Lattice, an American cyber company owned by AE Industrial Partners, a fund specializing in aviation, defense and homeland security, and which works with various defense organizations in the United States.
The American entity, the sources say, will be detached from the Israeli one. Some see the Paragon deal as a model for similar defense tech deals in the future.
Two years ago another American defense cooperation -- L3Harris -- tried to buy NSO, the producer of the Pegasus spyware. But the deal was sabotaged by the Israeli Defense Ministry, which didn't want a leading security company to be sold to a foreign owner. It was also opposed by the White House, which led a firm line against spyware in general and NSO in particular.
Spyware merchants such as Paragon sell high-end surveillance software to government clients and typically pitch their services as critical to fighting crime and protecting national security. But such spy tools have repeatedly been discovered on the phones of journalists, activists, opposition politicians, and at least 50 U.S. officials, raising concerns over the unchecked proliferation of the technology.