• Cryptocurrency
  • Earnings
  • Enterprise
  • About TechBooky
  • Submit Article
  • Advertise Here
  • Contact Us
TechBooky
  • African
  • AI
  • Metaverse
  • Gadgets
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
  • African
  • AI
  • Metaverse
  • Gadgets
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
TechBooky
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Home General App

WhatsApp Blocks Malware Attack Targeting Journalist

Akinola Ajibola by Akinola Ajibola
February 1, 2025
in App, Security
Share on FacebookShare on Twitter

The messaging app claimed to have “high confidence” that Paragon Solutions malware had targeted and “possibly compromised” a few users.

On Friday, WhatsApp, the well-known messaging program owned by Meta said that it had stopped the malware operations that is the hacking effort that targeted over 100 users, including journalists and other civil society representatives and journalists. WhatsApp told the Guardian it had “high confidence” that the 90 users in question had been targeted and “possibly compromised,” warning the journalists and other members of civil society of a potential hack of their devices.

The identity of the attacker remains unknown. WhatsApp claimed it was unable to identify the clients who commissioned the alleged assaults, and like other spyware manufacturers, government clients utilize Paragon’s hacking tools.

The campaign was connected to Paragon, an Israeli spyware manufacturer that was purchased by American private equity firm AE Industrial Partners in December of last year, a WhatsApp representative told TechCrunch.

“We have made direct contact with those we feel were impacted. This is the most recent illustration of why spyware businesses need to answer for their illegal activities. WhatsApp spokesman Zade Alsawah assured TechCrunch that the company will keep safeguarding users’ private communication rights.

According to experts, the targeting was a “zero-click” assault, meaning that in order for targets to become infected, they would not have needed to click on any malicious links. WhatsApp claimed to have issued a patch to stop the hacking campaign’s usage of malicious PDFs shared over WhatsApp groups to infect targets.

TechCrunch was informed by John Scott-Railton, a senior researcher at The Citizen Lab who has spent years studying spyware businesses and their misuses, that they have also seen this hacking effort by Paragon employing this particular attack vector and are looking into it.

WhatsApp refused to provide the journalists’ and civil society representatives’ whereabouts, including if they were situated in the United States. And Whatsapp claimed that they had informed TechCrunch that it delivered a stop and desist letter to Paragon and that it thought the hacking effort took place in December. 

The US headquarters of Paragon are located in Chantilly, Virginia. The business has been under fire lately because Wired magazine revealed in October that it had signed a $2 million deal with the homeland security investigations branch of the US Immigration and Customs Enforcement.

A request for comment via LinkedIn was not answered by Paragon CEO Idan Nurick. A request for response from AE Industrial was not answered.

For the first time, Paragon has been made publicly associated with a hacking effort that purportedly targeted civil society activists and journalists. Since its establishment in 2019, Paragon has managed to maintain a low profile and stay out of the spotlight, unlike other spyware manufacturers like Intellexa and NSO Group, who have both been targeted by the US government. NSO Group was placed on a blocklist, while Intellexa and its founders were sanctioned. 

As Wired disclosed last year, Paragon entered into a contract with the U.S. Immigration and Customs Enforcement in September through its U.S. company. According to a Paragon source quoted by The New Yorker, the contract was awarded following a screening procedure in which the business proved its technology had safeguards against foreign clients targeting Americans.

Who the targets of this WhatsApp-disclosed malware campaign are is still unknown.

WhatsApp’s measures were praised by Natalia Krapiva, senior tech-legal counsel at Access Now, a digital rights group that looks into spyware abuses.

“Paragon has long been seen as a ‘better’ spyware company that hasn’t been linked to any blatant misuses, but WhatsApp’s recent disclosures imply otherwise,” Krapiva told TechCrunch. “The commercial spyware industry is known for these kinds of abuses, so it’s not just a matter of a few bad apples.”

“Offers our customers ethically based tools, teams, and insights to disrupt intractable threats,” according to Paragon’s official website.

According to reports, the division placed a stop-work order on the contract to check if it met with an executive order issued by the Biden administration that limited the federal government’s use of spyware. The 2023 directive, which forbade the use of malware that constituted a national security risk, is still in force even though the Trump administration has repealed scores of the Biden administration’s executive orders in its first two weeks in office.

WhatsApp stated that it was investigating its legal options and that it had issued Paragon a “cease and desist” letter. WhatsApp stated that it was unclear how long the targets would have been in danger and that the purported attacks had been stopped in December.

WhatsApp will get in touch with the victims of the purported hacking, who are now being notified by the business.

WhatsApp has thwarted a Paragon malware operation that targeted a variety of users, including civil society representatives and journalists. We’ve made direct contact with those we think were impacted. This is the most recent illustration of why spyware businesses need to answer for their illegal activities. A business representative stated, “WhatsApp will continue to protect people’s ability to communicate privately.”

Paragon Solutions chose not to respond.

According to a person close to the company, Paragon had 35 government clients, all of whom could be regarded as democratic, and it avoided doing business with nations that had previously been accused of misusing spyware, including several democracies, the Guardian said. According to the source, that included Mexico, India, Greece, Poland, and Hungary.

The features of Graphite, the spyware from Paragon, are similar to those of Pegasus, the malware from NSO Group. Once a phone has been infected with Graphite, the spyware operator has complete control over the device, including the ability to read messages transmitted through encrypted apps like Signal and WhatsApp.

Former Israeli Prime Minister Ehud Barak created the corporation, which has lately been the focus of Israeli media coverage following allegations that the organization was sold to AE Industrial Partners, a US private equity firm, for $900 million.

According to reports, Israel’s regulators have not yet given the purchase its complete permission. The Israeli Ministry of Defense regulates cyberweapons such as Pegasus and Graphite. The Boca Raton, Florida-based AE Industrial Partners was contacted by The Guardian. The company’s website does not include Paragon as one of its investors.

“Paragon has long been seen as a “better” spyware provider that hasn’t been connected to any glaring misuses, but WhatsApp’s most recent disclosures seem to contradict that. According to Natalia Krapiva, senior tech legal counsel at Access Now, “this is not just a problem of a few bad apples; these kinds of abuses are a feature of the commercial spyware industry.”

WhatsApp said that it thought a malicious PDF file given to users who were joined to group conversations was the “vector,” or how the virus was spread to users. With “confidence,” WhatsApp claimed to be able to link Paragon to this targeting.

According to John Scott-Railton, a senior researcher at the University of Toronto’s Citizen Lab, which monitors and detects online threats against civil society, WhatsApp received some information from Citizen Lab that aided the company in comprehending the vector that was employed against its users.

In the future, the organization is anticipated to release a report that will include further information regarding the purported targeting.

WhatsApp made the announcement a few weeks after a California judge decided in the company’s favour in a historic lawsuit against NSO Group, the well-known spyware manufacturer that the Biden administration had put on a commerce department blacklist in 2021. NSO was put on the so-called entity list by the Biden administration at the time due to its involvement in actions “that are contrary to the national security or foreign policy interests of the United States.”

NSO has advocated for congressional members to be removed from the list.

In 2019, WhatsApp claimed that 1,400 users had been infected by NSO’s malware and launched a lawsuit against the firm. A judge named Phyllis Hamilton declared in December that NSO was responsible for the assaults and that it had breached both WhatsApp’s own terms of service and state and federal hacking laws in the United States.

Related Posts:

  • ORJAL4DYNFOR3K2HJT2YITAO6Q
    Meta Warns of WhatsApp Security Threat
  • skynews-russia-hacker_5812455
    Russian Hackers Target WhatsApp for Data on Ukraine
  • Qualcomm
    Zero-Day Flaw in Qualcomm Chips Exploited to Attack…
  • WhatsApp-754×424
    WhatsApp Introduces New Privacy Features: Users Can…
  • whatsapp-updates
    NCLAT Lifts Ban on Data Sharing, Bringing Relief to…
  • WhatsApp Is Testing A Feature That Lets Users Hide Their ‘Online’ Status
    WhatsApp Is Testing A Feature That Lets Users Hide…
  • skynews-instagram-meta-facebook_6688367
    WhatsApp iOS Users May Soon Link Instagram Profiles
  • WA_VIEW_ONCE_PHOTOS_VIDEOS_VOICE_MESSAGES_LINKED_DEVICES_ANDROID
    WhatsApp Tests View-Once Media Support for Linked Devices

Discover more from TechBooky

Subscribe to get the latest posts sent to your email.

Tags: cybersecurityjournalistmalwarewhatsapp
Akinola Ajibola

Akinola Ajibola

BROWSE BY CATEGORIES

Select Category

    Receive top tech news directly in your inbox

    subscription from
    Loading

    Freshly Squeezed

    • AI Helps Google One Reach 150 Million Subscribers May 16, 2025
    • FT Lists Paymenow, TymeBank & Omnisient Among Africa’s Fastest-Growing Firms May 16, 2025
    • MoonPay and Mastercard Partner to Advance Stablecoin Payments May 16, 2025
    • Google Gemini Advanced Users Can Now Link to GitHub May 16, 2025
    • TikTok Accused of Violating EU Internet Content Rules May 15, 2025
    • Activists and Users Criticize NCC & Telcos Over Customer Penalties May 15, 2025

    Browse Archives

    May 2025
    MTWTFSS
     1234
    567891011
    12131415161718
    19202122232425
    262728293031 
    « Apr    

    Quick Links

    • About TechBooky
    • Advertise Here
    • Contact us
    • Submit Article
    • Privacy Policy

    Recent News

    AI Helps Google One Reach 150 Million Subscribers

    AI Helps Google One Reach 150 Million Subscribers

    May 16, 2025
    FT Lists Paymenow, TymeBank & Omnisient Among Africa’s Fastest-Growing Firms

    FT Lists Paymenow, TymeBank & Omnisient Among Africa’s Fastest-Growing Firms

    May 16, 2025
    MoonPay and Mastercard Partner to Advance Stablecoin Payments

    MoonPay and Mastercard Partner to Advance Stablecoin Payments

    May 16, 2025
    Google Gemini Advanced Users Can Now Link to GitHub

    Google Gemini Advanced Users Can Now Link to GitHub

    May 16, 2025
    TikTok Accused of Violating EU Internet Content Rules

    TikTok Accused of Violating EU Internet Content Rules

    May 15, 2025
    Activists and Users Criticize NCC & Telcos Over Customer Penalties

    Activists and Users Criticize NCC & Telcos Over Customer Penalties

    May 15, 2025
    • Login

    © 2021 Design By Tech Booky Elite

    Generic selectors
    Exact matches only
    Search in title
    Search in content
    Post Type Selectors
    • African
    • Artificial Intelligence
    • Gadgets
    • Metaverse
    • Tips
    • About TechBooky
    • Advertise Here
    • Submit Article
    • Contact us

    © 2021 Design By Tech Booky Elite

    Discover more from TechBooky

    Subscribe now to keep reading and get access to the full archive.

    Continue reading

    We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok