Israeli spyware Graphite allegedly hacks messaging app servers instead of devices

A computer screen showing lines of code, accessed on December 16, 2024. (AFP Photo)
February 04, 2025 12:40 AM GMT+03:00

Israeli cybersecurity firm Paragon, founded by Israel's former Prime Minister Ehud Barak, is facing allegations that its Graphite spyware exploits vulnerabilities in the servers of messaging apps such as WhatsApp, Telegram, and Signal to conduct surveillance.

Unlike traditional spyware that infiltrates target devices, Graphite is said to bypass device security entirely by exploiting weaknesses in the platforms’ server infrastructure.

If these allegations are true, Graphite represents a new level of sophistication in cyber espionage, making it nearly undetectable.

Hacking method: Targeting servers instead of devices

Unlike other spyware that infects individual devices, Graphite is claimed to access data directly from messaging platforms’ servers.

According to reports, Graphite impersonates the target user by using their phone number and identity details to gain access to WhatsApp, Telegram, and Signal servers. This method allegedly allows Paragon to retrieve:

- Text messages
- Call records
- Media files
- Archived conversations stored in cloud backups

The most critical aspect of this technique is that it operates entirely on the server side, meaning no malware is installed on the target’s device, leaving no forensic trace.

How Graphite differs from Pegasus

Graphite’s approach to cyber espionage is fundamentally different from previously known spyware. Pegasus, for instance, typically infects devices through zero-day exploits or malicious links, while Graphite allegedly leverages vulnerabilities in messaging app servers instead.

| Feature | Pegasus (NSO Group) | Graphite (Paragon) |
|---|---|---|
| Target | Devices (Phones, Tablets) | Application Servers |
| Infection Method | Zero-day exploits, malicious links | Server-side authentication bypass |
| Device Compromise Required | Yes | No |
| Detectability | Leaves traces on devices (forensic analysis possible) | Extremely hard to detect |
| Affected Applications | WhatsApp, iMessage, SMS, etc. | WhatsApp, Telegram, Signal |
| Accessed Data | Messages, calls, media, location | Messages, calls, media, backups |

Since Graphite does not need to infect devices, it could potentially be the most advanced spyware ever developed.

Alleged links to Israel’s Unit 8200

There are claims that Paragon’s technology was developed with the help of Israel’s elite cyber intelligence unit, Unit 8200. Known for its involvement in previous cyber warfare and surveillance tools, Unit 8200 has provided talent to companies like NSO Group, the creators of Pegasus.

Reports suggest that Ehud Barak recruited top cyber operatives from Unit 8200 to build Graphite.

WhatsApp logo displayed on phone screen is seen in this illustration photo taken in Poland on Dec. 15, 2024. (AFP Photo)

WhatsApp: Spyware used in over 24 countries

WhatsApp recently confirmed that spyware attacks have targeted users in more than 24 countries.

While it remains unclear whether these attacks are linked to Graphite, if vulnerabilities in the servers of WhatsApp, Telegram, and Signal are indeed being exploited, this could have major implications for global cybersecurity.
