WhatsApp warns of large-scale cyberattack on journalists in 14 EU countries
Kyiv • UNN
WhatsApp has detected cyberattacks on about 100 journalists and activists in Europe via Graphite spyware from Paragon Solutions. The attacks were carried out through a zero-click vulnerability in group chats.
WhatsApp has sent warnings to nearly 100 journalists and members of non-governmental organizations after it emerged that their devices may have been compromised by spyware from Israeli company Paragon Solutions. The cyberattack affects people with phone numbers from 14 EU countries.
Reported by UNN with reference to Ynetnews and Der Standard.
Details
90 journalists, activists, and other civil society figures in Europe were monitored using spyware from Paragon Solutions.
HelpHelp
Paragon Solutions was founded in Tel Aviv in 2019 with the participation of former Israeli Prime Minister Ehud Barak. In 2024, it was sold to the American private investment company AE.
Paragon Solutions offers spyware called Graphite. Paragon sells the software exclusively to the US government or allies. The company does not disclose which countries are involved.
According to the Israeli portal Ynetnews, Paragon sees itself as a victim in the case of the cyberattack on WhatsApp.
How the cyberattacks were carried out
According to the messaging platform owned by Meta, the attacks exploited a so-called “zero-click” vulnerability, where the victim didn't even have to click on a link - the infection could be delivered via a malicious PDF sent in group chats.
WhatsApp detected and neutralized the attack attempt. So far, the identity of the attackers behind the attacks is unknown. But there is a connection to Paragon. Spyware developed by Paragon Solutions usually targets government clients. The company WhatsApp has officially called on Paragon to cease its operations. Paragon Solutions declined to comment on the allegations.
Citizens in Italy suffer from spying campaig
In a statement, the Italian government said that the cybersecurity service in Rome (Agenzia per la Cybersicurezza Nazionale, ACN) contacted Whatsapp and its legal representatives. Then the authorities were informed that seven Italian citizens had been affected by the spying campaign. However, WhatsApp did not disclose their identities to the Italian government, instead stating that all the victims had been informed.
On Thursday, it was announced that Paragon had immediately terminated its cooperation with the Italian government. According to the Israeli daily Haaretz, the spyware is used by two Italian authorities: an unnamed law enforcement agency and an intelligence service.
EU concerned about cyberattack
On Thursday, Brussels noted that the investigation is the responsibility of national authorities.
The Commission expects the national authorities to thoroughly investigate such allegations. The Commission's position is very clear: any attempt to unlawfully access the data of citizens, including journalists and political opponents, is unacceptable if it is confirmed
AddendumAddendum
This is the first time that Paragon Solutions has been named in such a case, but it is not the first time that the Israeli spyware company has gotten into trouble. NSO Group, the company that developed the infamous Pegasus spyware, was found liable by a US judge in December 2024.
NSO Group violated US state and federal laws by hacking the phones of 1400 WhatsApp users in May 2019
Recall
The FSB-linked hacker group Star Blizzard tried to steal WhatsApp data of pro-Ukrainian organizations. The attackers used phishing emails with QR codes on behalf of the US government.
Spain detains hacker suspected of cyberattacks on NATO and UN websites05.02.25, 23:07 • 33204 views
