Israel Targets WhatsApp Users amid rising cyber tensions with Iran, prompting Tehran to warn citizens against using the app. Learn how spyware and surveillance are shaping modern conflict.
Meta, the parent company of WhatsApp, has expressed “concern” after Iranian state television urged citizens to stop using the messaging platform. On Tuesday (June 17), a report from Iran’s state broadcaster IRIB warned citizens against using WhatsApp, Telegram, and other location-based apps, claiming these are being used by Israel as “primary tools to identify and target Iranian individuals.”
Iran has accused WhatsApp and Telegram of being “Israeli intelligence tools.” A WhatsApp spokesperson told CBS News, “We are concerned that these false allegations might be used as an excuse to shut down our service. Messages sent through WhatsApp are end-to-end encrypted, meaning no one not even WhatsApp can access them. We don’t track users’ exact locations, log message activity, or monitor private chats. We also don’t share mass user data with any government.”
This development comes amid escalating conflict between Iran and Israel. On Friday (June 12), Israel launched airstrikes targeting Iran’s nuclear sites, scientists, and senior military officials. In response, Iran fired a dozen ballistic missiles.
According to NetBlocks, internet usage in Iran has dropped by 75%, which “can limit public access to information during conflict.”
Previously in 2022, during nationwide protests over the death of 22-year-old student Mahsa Amini in police custody, Iran also blocked Meta-owned platforms. Despite WhatsApp’s encryption, it’s not entirely immune to surveillance.
Experts suggest this new ban may be an attempt to isolate Iranian citizens from global communication specially as controlling domestic narratives and wartime information becomes critical for the Iranian regime.
However, Iran’s government has provided no concrete evidence to support its claims that these apps are sending user data to Israel. Analysts note that without transparent proof, the allegations cannot be independently verified.
While WhatsApp does offer strong privacy and security features, it is not entirely hack-proof. In fact, Israel has previously succeeded in breaching it.
WhatsApp, owned by Meta, is a free global messaging platform with nearly 3 billion users, allowing people to send texts, calls, and media over the internet.
While the United States leads the world in cyber capabilities, Israel is also recognized as a cyber superpower, ranking alongside countries like the UK, China, Russia, France, and Canada.
Israel has a long-documented history of cutting-edge cyber operations, including the notorious Stuxnet attack 15 years ago, which targeted Iran’s nuclear program. Units like Israel’s Unit 8200 are known for their innovation in both offensive and defensive cyber strategies.
Seven of the world’s top ten cyber security companies have R&D centers in Israel, and Israeli startups often lead in developing new offensive and defensive technologies.
Israeli companies have repeatedly been linked to WhatsApp account breaches most notably through NSO Group, the creator of the Pegasus spyware.
Read More: New Tk 1,000 Note Sparks Chaos: Why ATMs Are Rejecting It
In 2019, Pegasus was used to hack the data of 1,400 individuals, including journalists, activists, and politicians. Last month, a U.S. federal court ordered NSO Group to pay nearly $170 million in damages to WhatsApp and Meta for that attack.
Another Israeli firm, Paragon Solutions, recently targeted around 100 WhatsApp accounts using advanced spyware that accesses private communications after decryption.
These types of attacks often use “spear-phishing,” a more targeted version of phishing where attackers send crafted, deceptive messages or files to specific individuals, tricking them into installing spyware. This grants full access to the victim’s device, including decrypted WhatsApp messages.
A spear-phishing email may appear to come from a trusted colleague or organization, urging the recipient to review a document or reset a password. Clicking the link leads to a fake login page or triggers a malware download.
To avoid spear-phishing, WhatsApp users should carefully examine unexpected messages specially those creating urgency and avoid clicking suspicious links or downloading unknown attachments.
Hovering the mouse cursor over a link can reveal its destination. Suspicious links often contain odd domains or irrelevant characters. Merely hovering isn’t risky but clicking them is.
Enabling two-factor authentication, keeping software updated, and verifying requests through trusted channels can help. Regular cybersecurity training also empowers WhatsApp users to detect and resist targeted attacks.
