Begin typing your search...

WhatsApp confirms major spyware attack on journalists and civil society members: How to stay safe

WhatsApp confirms major spyware attack on journalists and civil society members: How to stay safe

WhatsApp confirms major spyware attack on journalists and civil society members: How to stay safe
X

4 Feb 2025 9:53 PM IST

Meta has confirmed a highly sophisticated zero-click spyware attack on WhatsApp, targeting high-risk individuals, including journalists and members of civil society. Unlike traditional cyber threats, this type of attack does not require any user interaction, making it especially dangerous. The spyware, developed by the Israeli firm Paragon Solutions, has raised significant concerns about privacy.

What is a Zero-Click Attack?

A zero-click attack is a form of cyber threat that doesn't require the victim to take any action. Unlike phishing attacks, which involve clicking on malicious links, zero-click exploits use vulnerabilities to secretly install spyware without any input from the user. Once infected, the attacker can access the device completely, including encrypted messages from platforms like WhatsApp and Signal.

Who Was Targeted?

Meta has identified approximately 90 WhatsApp users across more than 20 countries as victims of this attack. While the exact locations are not disclosed, the individuals targeted appear to be professionals in high-risk fields, such as journalism, activism, and government opposition. This highlights the growing use of surveillance tools to monitor those in critical or controversial professions.

The Role of Paragon Solutions

The spyware behind this attack, known as Graphite, operates similarly to Pegasus, the notorious spyware created by the NSO Group. Once installed, Graphite grants attackers access to a victim’s messages, call logs, and other private data. Meta has responded by taking legal action against Paragon Solutions, issuing a cease-and-desist letter.

Expert Opinions on the Attack

Cybersecurity experts are warning that while these kinds of attacks are still rare for the average user, they are becoming more prevalent among high-profile targets. Adam Boynton, senior security strategy manager at Jamf, pointed out an increase in advanced mobile malware over the past 18 months. Spencer Starkey from SonicWall also noted that new attack techniques are making it harder for cybersecurity professionals to detect these threats.

How to Protect Yourself

Although this attack was aimed at specific targets, all WhatsApp users should take the following precautions:

Enable Lockdown Mode (iPhone users): This limits exposure to potential cyber threats.

Regularly Update Software: Ensuring your device is up to date helps protect against known security vulnerabilities.

Exercise Caution with Unknown Messages: Avoid opening messages from unverified sources.

Strengthen Privacy Settings: Review and update app permissions to limit data access.



The recent WhatsApp spyware attack highlights the increasing dangers to digital privacy. Meta's swift response underscores the growing importance of cybersecurity and legal action against spyware developers. To protect themselves, users should remain vigilant and adopt recommended security measures to safeguard their personal information.

Next Story
Share it