WhatsApp has confirmed that a widespread spyware attack, allegedly carried out by an Israeli company named Paragon Solutions, targeted approximately 90 users of the messaging platform. Among the affected individuals were journalists and members of civil society from more than two dozen countries, with a focus on Europe, according to a spokesperson for the service.

The attack exploited a vulnerability through malicious PDF files sent via group chats, allowing the spyware to gain unauthorized access to users' devices. WhatsApp's security team, in collaboration with cybersecurity research group Citizen Lab, successfully disrupted the campaign. A cease-and-desist letter has been sent to Paragon Solutions following the attempted breach.

The company alerted those believed to be impacted through WhatsApp messages and provided guidance on how to safeguard their devices from spyware. The spokesperson emphasized that such spyware can compromise privacy by damaging phones, stealing sensitive information, and putting users at risk.

Francesco Cancellato, editor-in-chief of Italian news site Fanpage.it, publicly shared his experience as a target of the attack. He confirmed that WhatsApp notified him in December that the breach had been blocked.

Citizen Lab, which assisted in tracking the spyware's spread, explained that the hack could turn an infected phone into a surveillance tool. According to John Scott-Railton, senior researcher at Citizen Lab, the spyware could access encrypted messages, photographs, contacts, passwords, and even activate a phone's microphone or camera to spy on users without their knowledge.

WhatsApp has a history of fighting spyware campaigns. In 2019, the platform sued NSO Group, an Israeli surveillance firm, for allegedly helping governments spy on thousands of users, including journalists, diplomats, and political dissidents. In a significant legal victory for WhatsApp, a U.S. judge ruled in its favor in December 2023. That same month, Paragon Solutions, a competitor to NSO, was acquired by Florida-based AE Industrial Partners, though it is believed the company still operates out of Israel.

Experts from organizations like Access Now have raised concerns over the growing trend of attacks targeting journalists and civil society activists. Natalia Krapiva, senior tech-legal counsel at Access Now, noted that these types of spyware campaigns are becoming increasingly common and called for stronger action from lawmakers and the tech industry to regulate this covert sector.

As the issue of digital surveillance intensifies, experts continue to advocate for measures that protect users' rights to privacy and security in an increasingly interconnected world.