Meta Confirms Zero-Click Spyware Attack on WhatsApp Targeting 90 Journalists and Activists

Meta has confirmed a disruption of a zero-click spyware campaign targeting approximately 90 journalists and civil society members via WhatsApp. The spyware, linked to Israeli company Paragon Solutions, was neutralized in December 2024. WhatsApp stated it has reached out to affected users, expressing “high confidence” that they were targeted and “possibly compromised.”

The attack utilized a specially-crafted PDF sent to individuals added to group chats, allowing spyware deployment without user interaction. Meta has issued a “cease and desist” letter to Paragon and is considering further actions. This incident marks the first instance of WhatsApp’s technology being misused in such a manner.

Paragon, which develops surveillance software called Graphite for government clients, was recently acquired for $500 million by a U.S. investment group. The company claims to provide “ethically based tools” for countering digital threats. Graphite was previously reported to be used by the U.S. Drug Enforcement Administration (DEA) for counternarcotics operations.

This revelation comes shortly after a California judge ruled in favor of WhatsApp in a significant case against NSO Group, which used WhatsApp’s infrastructure to deploy Pegasus spyware to 1,400 devices in May 2019. The news also coincides with the arrest of former Polish Justice Minister Zbigniew Ziobro, who allegedly authorized the use of Pegasus to surveil opposition leaders.