Recent allegations by WhatsApp, a globally renowned messaging app owned by Meta, suggest that nearly 100 journalists and members of civil society have been targeted by a spyware linked to Paragon Solutions, an Israeli hacking software provider. There's high confidence that these individuals' devices may have been compromised, possibly through a "zero-click" attack —an operation that requires no user interaction. 

What remains ambiguous is the party behind this invasion. Paragon is popular among government entities, but WhatsApp's investigations haven't led to the perpetrators behind this brazen assault. The whereabouts of the journalists and civil society members involved are also undisclosed by WhatsApp. 

Paragon has faced fresh criticism after signing a $2m contract with the US Immigration and Customs Enforcement's homeland security investigations division, prompting an investigation to ascertain compliance with a Biden administration executive order limiting the use of spyware by the federal government. 

WhatsApp has reacted by issuing a cease-and-desist notice to Paragon and has commenced exploring legal avenues. Though the intrusion was disrupted in December, the duration of exposure for the targets remains unclear. 

Paragon's Graphite spyware— ranked on par with NSO Group's Pegasus — is capable of total access to an infected phone, including encrypted messages on apps like WhatsApp and Signal. This alarming revelation underscores the urgent need for stricter regulation of commercial spyware usage. 

In the meantime, WhatsApp has taken steps to notify victims of the intrusion and will maintain its commitment to protect private communication. Aided by the Citizen Lab of the University of Toronto, WhatsApp has deduced that a malicious PDF file delivered via group chats was the likely infection channel. As the facts unfold, the need for accountability in the spyware industry is increasingly evident.

- CyberBeat