HomeCII/OTIsraeli Surveillance Company Paragon Implicated in WhatsApp Zero-Click Attack

Israeli Surveillance Company Paragon Implicated in WhatsApp Zero-Click Attack

Published on

spot_img

WhatsApp, the popular messaging app owned by Meta, has recently taken action to address a targeted spyware campaign that impacted approximately 90 individuals, including journalists and members of civil society organizations. The platform has confirmed that those affected have been directly notified about the security breach, but has not disclosed the specific locations of the affected individuals.

The investigation conducted by WhatsApp has pointed to Paragon Solutions, an Israeli spyware firm acquired by AE Industrial Partners, as the source of the attack. It was revealed that the attack involved the distribution of malicious PDF files through WhatsApp groups, with experts labeling it as a “zero-click” attack that did not require users to click on any malicious links. To address this vulnerability, WhatsApp has released a security update to safeguard its users against such attacks in the future.

John Scott-Railton, a senior researcher at The Citizen Lab, independently observed and is now investigating this campaign. He raised concerns about the targeting of journalists and civil society members, emphasizing that this incident highlights a broader issue within the commercial spyware industry, rather than an isolated occurrence.

The campaign, believed to have taken place in December, prompted WhatsApp to issue a cease and desist letter to Paragon. Notably, Paragon has previously maintained a low profile and this incident marks its first major controversy in the hacking landscape. The company came under scrutiny after Wired Magazine reported on a $2 million contract it signed with the US Immigration and Customs Enforcement’s homeland security investigations division.

WhatsApp’s legal victory against NSO Group, another Israeli spyware firm, has set a precedent for challenging the spyware industry. In the case against NSO Group, the company was found liable for exploiting a WhatsApp vulnerability to deploy its Pegasus spyware on multiple devices, targeting journalists, activists, and government officials. This underscores the importance of holding spyware companies accountable for their actions, as emphasized by WhatsApp’s commitment to protecting user privacy and ensuring secure communication channels.

The recent campaign orchestrated by Paragon targeted individuals across more than two dozen countries, with a particular focus on Europe. Italian news outlet fanpage.it confirmed that it was among the targets of this attack. WhatsApp collaborated with The Citizen Lab on its investigation, shedding light on the systemic issue of targeting journalists and civil society by commercial spyware entities.

As of now, Paragon and AE Industrial Partners have not responded to the news surrounding the spyware campaign. However, WhatsApp remains steadfast in its efforts to combat such threats and uphold user privacy rights. The platform’s spokesperson reiterated the importance of holding spyware companies accountable for their actions and ensuring the continued protection of private communication channels.

In conclusion, WhatsApp’s proactive stance against spyware attacks underscores the ongoing challenges faced by technology platforms in safeguarding user data and privacy in the digital age. The collaboration between tech companies, researchers, and civil society organizations remains crucial in addressing such security threats and ensuring a safe online environment for all users.

Source link

Latest articles

Hewlett Packard notifies employees of data breach by Russian hackers

Hewlett Packard Enterprise (HPE) has recently disclosed a cyberattack that took place in May...

Attackers conceal malicious code within Hugging Face AI model Pickle files

In the realm of machine learning (ML) models, Pickle stands out as a popular...

Ghidra 11.3 release includes new features, performance enhancements, and bug fixes

The NSA's Research Directorate recently announced the release of Ghidra 11.3, the latest version...

Google Mandiant identifies MSI flaw in Lakeside Software

A vulnerability in a Microsoft software installer developed by Lakeside Software has been discovered,...

More like this

Hewlett Packard notifies employees of data breach by Russian hackers

Hewlett Packard Enterprise (HPE) has recently disclosed a cyberattack that took place in May...

Attackers conceal malicious code within Hugging Face AI model Pickle files

In the realm of machine learning (ML) models, Pickle stands out as a popular...

Ghidra 11.3 release includes new features, performance enhancements, and bug fixes

The NSA's Research Directorate recently announced the release of Ghidra 11.3, the latest version...