{"id":1694,"date":"2025-02-01T10:03:39","date_gmt":"2025-02-01T10:03:39","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2025\/02\/01\/israeli-firm-paragon-attack-whatsapp-with-new-zero-click-spyware\/"},"modified":"2025-02-01T10:03:39","modified_gmt":"2025-02-01T10:03:39","slug":"israeli-firm-paragon-attack-whatsapp-with-new-zero-click-spyware","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2025\/02\/01\/israeli-firm-paragon-attack-whatsapp-with-new-zero-click-spyware\/","title":{"rendered":"Israeli Firm Paragon Attack WhatsApp With New Zero-Click Spyware"},"content":{"rendered":"<p>    Israeli Firm Paragon Attack WhatsApp With New Zero-Click Spyware<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>\n<p>WhatsApp revealed on Friday that a \u201czero-click\u201d spyware attack, attributed to the Israeli firm Paragon, has targeted scores of users worldwide, including journalists and members of civil society.<\/p>\n<p>The spyware targeted nearly 100 WhatsApp users, including journalists, and did not require any user interaction, nor did it require clicking links or opening attachments, making it particularly insidious.<\/p>\n<p>In a statement, WhatsApp spokesperson confirmed with Cyber Security News that it had dismantled the attack vector, alerted affected users, and taken steps to notify the public about the breach.<\/p>\n<p><em>\u201cWe disrupted a spyware campaign by Paragon that targeted a number of users, including journalists and other individuals. We have directly contacted those we believe were affected and We have directly contacted the individuals we believe were affected \u201d <\/em><\/p>\n<p><em>\u201c<\/em>This collaboration involved\u00a0Citizen Lab, a renowned cybersecurity watchdog, which provided key insights enabling <a href=\"https:\/\/cybersecuritynews.com\/whatsapp-new-privacy-profile-photo\/\">WhatsApp<\/a> to reconstruct the attack. <\/p>\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\">\n<div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">12\/ I think spyware companies also chase customers in the US to distract from this:<\/p>\n<p>Their business model is hacking American companies. In the service of foreign governments. <\/p>\n<p>No doubt they&#8217;re already thinking of how to add targeting of American <a href=\"https:\/\/twitter.com\/hashtag\/AI?src=hash&amp;ref_src=twsrc%5Etfw\">#AI<\/a> services.<\/p>\n<p>How exactly have\u2026<\/p>\n<p>\u2014 John Scott-Railton (@jsrailton) <a href=\"https:\/\/twitter.com\/jsrailton\/status\/1885536695363527063?ref_src=twsrc%5Etfw\">February 1, 2025<\/a>\n<\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div>\n<\/figure>\n<p>\u201cThey can access your encrypted messages, read your chats, view your photos, browse your messages, listen to voice memos, check your notes, access your contacts, and steal your passwords.\u201d<\/p>\n<p>\u201cThey can also do things you can\u2019t, like silently activating your microphone to eavesdrop on conversations or turning on your camera.\u201d<\/p>\n<p><em>\u201cThis is the latest example of why spyware companies must be held accountable for their wrongdoing. WhatsApp will continue to protect people\u2019s ability to communicate privately.\u201d<\/em> John Scott-Railton, a senior researcher at Citizen Lab said.<\/p>\n<p>Fanpage.io, a media outlet, first reported that its director, Francesco Cancellato of the Italian newspaper Fanpage.it, was among the victims of the spyware attack. <\/p>\n<p>The breach targeted over 90 journalists, activists, and members of civil society worldwide. Cancellato confirmed receiving a notification from WhatsApp about the attack on his device.<\/p>\n<p>\u201cOur investigations indicate that you may have received a malicious file through WhatsApp, and the spyware may have accessed your data, including messages saved on your device.\u201d<\/p>\n<p>Cancellato explained that his team, alongside independent analysts, is conducting a detailed analysis to determine the scope of the breach, including what data was accessed and for how long. \u201cWe also want to know who ordered this espionage activity,\u201d he said.<\/p>\n<p>The organization has been closely monitoring spyware firms like Paragon, which markets itself as a more ethical alternative to controversial companies like <a href=\"https:\/\/cybersecuritynews.com\/pegasus-spyware-detected-in-new-mobile-devices\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">NSO Group<\/a>, maker of the notorious Pegasus spyware.<\/p>\n<p>Despite claims of operating only within democratic nations and adhering to human rights principles, Paragon\u2019s reputation is now under scrutiny following the WhatsApp revelation.<\/p>\n<h2 class=\"wp-block-heading\"><strong>Paragon\u2019s Push for U.S. Market Entry<\/strong><\/h2>\n<p>Paragon recently positioned itself as a model of ethical conduct in the spyware industry, aiming to secure access to the lucrative U.S. market. However, its ambitions hit a stumbling block late last year when a key contract was paused for review amid national security and human rights concerns.<\/p>\n<p>This review stemmed partly from an executive order issued by the Biden administration to curb the proliferation of commercial surveillance tools. The order required rigorous scrutiny of spyware deals to align with U.S. counterintelligence interests and international human rights commitments.<\/p>\n<p>\u201cPut secret phone hacking technology in the hands of a government that thinks they won\u2019t be caught, and abuses are a matter of <em>when<\/em>, not <em>if<\/em>,\u201d noted one cybersecurity expert. Even democracies, they contend, have a long history of surveillance abuse due to weak oversight and inadequate checks and balances. <\/p>\n<p>The news has also sparked concerns about the potential exposure of sensitive information from U.S. officials and allies. <\/p>\n<p>Paragon has yet to comment on WhatsApp\u2019s disclosures. However, the revelation casts a shadow over the company\u2019s operations and could lead to increased scrutiny of the entire spyware industry.<\/p>\n<p>This latest incident highlights the dangers posed by mercenary spyware firms and their unchecked proliferation, reminding governments and tech companies alike of the urgent need for stronger regulations in the surveillance technology marketplace.<\/p>\n<p class=\"has-text-align-center has-background\" style=\"background:linear-gradient(135deg,rgb(238,238,238) 100%,rgb(169,184,195) 100%)\"><strong>Find this Story Interesting! Follow us on\u00a0<a href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMOffpwsw1Oq_Aw\" target=\"_blank\" rel=\"noreferrer noopener\">Google News<\/a>,\u00a0<a href=\"https:\/\/www.linkedin.com\/company\/cybersecurity-news\/\" target=\"_blank\" rel=\"noreferrer noopener\">LinkedIn<\/a>, and\u00a0<a href=\"https:\/\/x.com\/The_Cyber_News\" target=\"_blank\" rel=\"noreferrer noopener\">X<\/a>\u00a0to Get More Instant Updates<\/strong><\/p>\n<figure class=\"wp-block-embed aligncenter is-type-wp-embed is-provider-cyber-security-news wp-block-embed-cyber-security-news\">\n<div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"wp-embedded-content\" data-secret=\"qhKH5dQGX9\"><p><a href=\"https:\/\/cybersecuritynews.com\/whatsapp-new-privacy-profile-photo\/\">WhatsApp New Privacy Let Users Control who Can See The Profile Photo<\/a><\/p><\/blockquote>\n<p><iframe loading=\"lazy\" class=\"wp-embedded-content\" sandbox=\"allow-scripts\" security=\"restricted\" title=\"\u201cWhatsApp New Privacy Let Users Control who Can See The Profile Photo\u201d \u2014 Cyber Security News\" src=\"https:\/\/cybersecuritynews.com\/whatsapp-new-privacy-profile-photo\/embed\/#?secret=0wMUbBwm8z#?secret=qhKH5dQGX9\" data-secret=\"qhKH5dQGX9\" width=\"600\" height=\"338\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"><\/iframe>\n<\/div>\n<\/figure>\n<p>The post <a href=\"https:\/\/cybersecuritynews.com\/zero-click-spyware-attack-whatsapp\/\">Israeli Firm Paragon Attack WhatsApp With New Zero-Click Spyware<\/a> appeared first on <a href=\"https:\/\/cybersecuritynews.com\/\">Cyber Security News<\/a>.<\/p>\n<\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><br \/>\n    Balaji N<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/cybersecuritynews.com\/zero-click-spyware-attack-whatsapp\/\">Go to cyber-security-news<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Israeli Firm Paragon Attack WhatsApp With New Zero-Click Spyware WhatsApp revealed on Friday that a \u201czero-click\u201d spyware attack, attributed to the Israeli firm Paragon, has targeted scores of users worldwide, including journalists and members of civil society. The spyware targeted nearly 100 WhatsApp users, including journalists, and did not require any user interaction, nor did [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[129,63,131,460],"tags":[130],"class_list":["post-1694","post","type-post","status-publish","format-standard","hentry","category-cyber-security","category-cyber-security-news","category-vulnerability","category-whatsapp","tag-cyber-security-news"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/1694"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=1694"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/1694\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=1694"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=1694"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=1694"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}