"WhatsApp says journalists and civil society members were targets of Israeli spyware", 31 January 2025

Nearly 100 journalists and other members of civil society using WhatsApp, the popular messaging app owned by Meta, were targeted by spyware owned by Paragon Solutions, an Israeli maker of hacking software, the company alleged today.

The journalists and other civil society members were being alerted of a possible breach of their devices, with WhatsApp telling the Guardian it had “high confidence” that the users in question had been targeted and “possibly compromised”.

Experts said the targeting was a “zero-click” attack, which means targets would not have had to click on any malicious links to be infected.

WhatsApp declined to disclose where the journalists and members of civil society were based, including whether they were based in the US.

...

WhatsApp said it had sent Paragon a “cease and desist” letter and that it was exploring its legal options. WhatsApp said the alleged attacks had been disrupted in December and that it was not clear how long the targets may have been under threat.

...

The Guardian reached out to Paragon Solutions for a comment but the company did not immediately respond.

...

WhatsApp said it believed the so-called vector, or means by which the infection was delivered to users, was through a malicious pdf file that was sent to individuals who were added to group chats. WhatsApp said it could say with “confidence” that Paragon was linked to this targeting.