Meta Confirms Zero-Click WhatsApp Spyware Attack Targeting 90 Journalists, Activists

Meta-owned WhatsApp on Friday said it disrupted a campaign that involved the use of spyware to target journalists and civil society members.

The campaign, which targeted around 90 members, involved the use of spyware from an Israeli company known as Paragon Solutions. The attackers were neutralized in December 2024.

In a statement to The Guardian, the encrypted messaging app said it has reached out to affected users, stating it had “high confidence” that the users were targeted and “possibly compromised.” It’s currently not known who is behind the campaign and for how long it took place.

✔ Approved Seller From Our Partners

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount

The attack chain is said to be zero-click, meaning the deployment of the spyware occurs without requiring any user interaction. It’s suspected to involve the distribution of a specially-crafted PDF file sent to individuals who were added to group chats on WhatsApp.

The company also revealed that it had sent Paragon a “cease and desist” letter and that it was considering other options. The development marks the first time the company has been linked to cases where its technology has been misused.

Like NSO Group, Paragon is the maker of surveillance software called Graphite that’s offered to government clients in order to combat digital threats. It was acquired by a U.S.-based investment group AE Industrial Partners in December in a deal worth $500 million.

On its barebones website, the company claims it provides customers with “ethically based tools” to “disrupt intractable threats,” as well as offer “cyber and forensic capabilities to locate and analyze digital data.”

In late 2022, it came to light that Graphite was used by the U.S. Drug Enforcement Administration (DEA) for counternarcotics operations. Last year, the Center for Democracy and Technology (CDT) called on the Department of Homeland Security to release details about its $2 million contract with Paragon.

News of the campaign comes weeks after a judge in California ruled in WhatsApp’s favor in a landmark case against NSO Group for using its infrastructure to deliver the Pegasus spyware to 1,400 devices in May 2019.

Meta’s disclosure also coincided with the arrest of former Polish Justice Minister Zbigniew Ziobro over allegations that he sanctioned the use of Pegasus spyware to surveil opposition leaders and oversaw cases where the technology was used.

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.