Paragon a surveillance technology company established in 2019, developed Graphite, a spyware tool marketed with built-in safeguards to prevent misuse. Unlike NSO Group, whose spyware has been linked to authoritarian regimes, Paragon claims its technology is designed to avoid targeting activists, politicians, and journalists.
Global Deployment and Usage
Citizen Lab’s research has uncovered evidence of Graphite spyware being deployed in multiple countries, including Australia, Canada, Denmark, Singapore, Israel, and Cyprus. Reports suggest that Canadian law enforcement may have used the spyware, further intensifying debates over government surveillance practices.
Targeting in Italy and Meta’s Involvement
Graphite recently made headlines following reports of its use in Italy against Android and iPhone users. Despite allegations of spyware being deployed against journalists and migrant activists, the Italian government has denied involvement in such activities.
Meta also issued warnings to 90 users across 24 countries, informing them of targeted attacks involving Graphite spyware over WhatsApp. The company’s security team worked closely with Citizen Lab to identify and mitigate a zero-click WhatsApp exploit linked to Paragon.
Exploitation of WhatsApp Zero-Day Vulnerability
Citizen Lab’s investigation revealed that Paragon’s spyware leveraged a WhatsApp zero-day vulnerability requiring no user interaction to compromise devices. Meta confirmed that this exploit was addressed on the server side, preventing further abuse without requiring user action.
Additionally, an Android component known as BigPretzel, associated with previous attacks on WhatsApp users, has been linked to Paragon’s spyware operations, raising further concerns about the company’s security claims.
Contradictions in Paragon’s Claims
Despite Paragon’s assurances that its spyware is not used to target activists or journalists, the cases investigated by Citizen Lab suggest otherwise. The findings indicate a troubling trend of surveillance against human rights groups, government critics, and media personnel, calling into question the company’s stated policies on ethical use.
Ongoing Surveillance and Cybersecurity Risks
Graphite’s confirmed use in multiple countries, its involvement in WhatsApp zero-click exploits, and its apparent targeting of civil society raise pressing concerns about surveillance abuses. While Meta and cybersecurity researchers continue to monitor spyware threats, the evolving landscape of digital surveillance highlights the urgent need for stronger regulations and accountability in the spyware industry.
Frequently Asked Questions
What is Graphite spyware?
Graphite reportedly exploits zero-day vulnerabilities, including a WhatsApp zero-click exploit, to gain access to target devices without requiring user interaction.
Where has Graphite spyware been used?
Despite Paragon’s claims of having safeguards, investigations show that Graphite has been used to target journalists, activists, and government critics, raising concerns over surveillance abuses.
How did Meta respond to Graphite spyware?
Meta warned 90 users in 24 countries about potential Graphite spyware attacks via WhatsApp. It collaborated with Citizen Lab to investigate and mitigate the exploit.
What is the WhatsApp zero-click exploit linked to Paragon?
The spyware leveraged a zero-day vulnerability in WhatsApp that allowed it to infect devices without user interaction. The issue was reportedly fixed on WhatsApp’s server side.
What is BigPretzel, and how is it connected to Graphite?
BigPretzel is an Android component associated with attacks on WhatsApp users. Meta confirmed that it is linked to Paragon’s spyware activities.
What are the risks of spyware like Graphite?
Spyware tools like Graphite pose serious threats to privacy, press freedom, and human rights by enabling governments and entities to conduct surveillance on activists, journalists, and political opponents.
Conclusion
Paragon’s Graphite spyware raises serious concerns about surveillance abuses despite the company’s claims of ethical safeguards. Investigations reveal its use in multiple countries, targeting activists, journalists, and critics. The WhatsApp zero-click exploit linked to Graphite further highlights the growing risks of spyware. As cybersecurity threats evolve, stronger regulations, transparency, and accountability are essential to prevent the misuse of surveillance technology and protect privacy and human rights worldwide.
