WhatsApp said on Friday that it had disturbed a hacking campaign aimed at about 90 users, including journalists and civil society members.
A WhatsApp spokesman told TechCrunch that the campaign was linked to Paragon, an Israeli manufacturer Spyware acquired in December last year by US private giant Ae Industrial Partners.
“We have arrived directly to people we believe have been hit. This is his last example of why Spyware companies must be held accountable for their illegal actions. Whatsapp will continue to protect people’s ability to communicate privately,” his spokesman said Whatsapp zade alsawah in TechCrunch.
WhatsApp said the hacking campaign used malicious PDFs sent through WhatsApp groups to reconcile goals and said it had pushed a solution to prevent this mechanism. Hack did not require any action from the goals, according to the company.
John Scott-Rilton, a senior researcher at the Citizens’ Laboratory, who for years explored Spyware companies and their abuses, told TechCrunch that they have also observed this hacking campaign from Paragon using this particular attack vector and investigating it .
WhatsApp told TechCrunch that she believed that the hacking campaign happened in December and sent a pause and abandonment letter to Paragon.
Contact us
Do you have more information about Paragon and this spyware campaign? From a non-work device, you can contact Lorenzo Franceschi-bicchierai safely on the signal on +1 917 257 1382, or via the telegraph and keybase @lorenzofb or email. You can also contact TechCrunch via securedrop.
Idan Nurick, Paragon’s chief executive, did not respond to a request for comments sent through LinkedIn. AE Industrial did not respond to a request for comments.
This is the first time Paragon has been publicly linked to a hacking campaign that is allegedly targeted by journalists and members of civil society. Since its inception in 2019, Paragon has been able to maintain a low profile and avoid getting Ensnared in scandals such as other Spyware manufacturers such as Intellexa and NSO Group, who were both the US government’s goal, with Intellexa and its founders were ratified and the NSO group is placed on a list block.
Paragon, through its American subsidiary, A contract was signed With US immigration and customs enforcement in September, As Wired revealed last year. New York reported a Paragon source He said the contract came after a examination procedure in which the company proved that its technology had checks to prevent customers abroad from targeting US residents.
At this point, it is not clear what are the goals of this spyware campaign revealed by WhatsApp. The company said the targets were in over two dozen countries, including several in Europe.
Natalia Krapiva, the senior technical-legal adviser at Access Now, a digital rights organization investigating Spyware abuses, celebrated the actions taken by Whatsapp.
“For some time Paragon had the reputation of a ‘best’ Spyware company not involved in obvious abuse, but recent Whatsapp revelations suggest differently,” Krapiva told TechCrunch. “This is not just a matter of some bad apples – These types of abuse are a feature of the Spyware Commercial Industry. “
On its official websiteParagon says that “it provides our customers tools, groups and ideas based on ethics, groups and ideas to disrupt the intolerable threats”.
This story has been informed in more details than WhatsApp.
