An official with Meta's popular WhatsApp chat service said Israeli spyware company Paragon Solutions had targeted scores of its users, including journalists and members of civil society.
The official said on Friday that WhatsApp had sent Paragon a cease-and-desist letter following the hack. In a statement, WhatsApp said the company "will continue to protect people's ability to communicate privately."
Paragon declined to comment.
The WhatsApp official told Reuters it had detected an effort to hack approximately 90 users of its platform.
The official declined to say who, specifically, was targeted or where they were geographically, saying only that targets included an unspecified number of people in civil society and media. He said WhatsApp had since disrupted the hacking effort and was referring targets to Canadian internet watchdog group Citizen Lab.
The official declined to discuss how it ascertained that Paragon was responsible for the hack. He said law enforcement and industry partners had been informed, but declined to go into detail.
The FBI did not immediately return a message seeking comment.
Citizen Lab researcher John Scott-Railton said the discovery of Paragon spyware targeting WhatsApp users "is a reminder that mercenary spyware continues to proliferate and as it does, so we continue to see familiar patterns of problematic use."
Spyware merchants such as Paragon sell high-end surveillance software to government clients and typically pitch their services as critical to fighting crime and protecting national security.
But such spy tools have repeatedly been discovered on the phones of journalists, activists, opposition politicians, and at least 50 US officials, raising concerns over the unchecked proliferation of the technology.
Paragon - which was reportedly acquired by Florida-based investment group AE Industrial Partners last month - has tried to position itself publicly as one of the industry's more responsible players.
The company's website advertises "ethically based tools, teams, and insights to disrupt intractable threats," and media reports citing people familiar with the company say Paragon only sells to governments in stable democratic countries.
Natalia Krapiva, senior tech-legal counsel at the advocacy group Access Now, said Paragon had the reputation of being a better spyware company, "but WhatsApp's recent revelations suggest otherwise."
"This is not just a question of some bad apples — these types of abuses (are) a feature of the commercial spyware industry."
AE did not immediately return a message seeking comment.
