First the Zionist evangelicals came for our freedom of expression, free speech and academic freedom; now they rape our privacy. Next they’ll exterminate us like they are exterminating Palestinians.
Taleed El-Sabawi, JD, PhD @el_sabawi:
Apparently, they can embed spyware into files you open on your phone now… I was wondering how phones were being remotely hacked…
Italian investigative journalist targeted on WhatsApp by Israeli spyware, Francesco Cancellato, whose reporting exposes fascists within PM Meloni’s far-right party, condemns ‘violation’ by Stephanie Kirchgaessner in Washington, 31 Jan 2025, The Guardian
An Italian investigative journalist who is known for exposing young fascists within prime minister Giorgia Meloni’s far-right party was targeted with spyware made by Israel-based Paragon Solutions, according to a WhatsApp notification received by the journalist.
Francesco Cancellato, the editor-in-chief of the Italian investigative news outlet Fanpage, was the first person to come forward publicly after WhatsApp announced on Friday that 90 journalists and other members of civil society had been targeted by the spyware.
The journalist, like dozens of others whose identities are not yet known, said he received a notification from the messaging app on Friday afternoon.
WhatsApp, which is owned by Meta, has not identified the targets or their precise locations, but said they were based in more than two dozen countries, including in Europe.
WhatsApp said it had discovered that Paragon was targeting its users in December and shut down the vector used to “possibly compromise” the individuals. Like other spyware makers, Paragon sells use of its spyware, known as Graphite, to government agencies, who are supposed to use it to fight and prevent crime.
Paragon’s spyware was allegedly delivered to targets who were placed on group chats without their permission, and sent malware through PDFs in the group chat.
Paragon makes no-click spyware, which means users do not have to click on any link or attachment to be infected; it is simply delivered to the phone.
It is not clear how long Cancellato may have been compromised. But the editor published a high-profile investigative story last year that exposed how members of Meloni’s far-right party’s youth wing had engaged in fascist chants, Nazi salutes and antisemitic rants.
Fanpage’s undercover reporters – although not Cancellato personally – had infiltrated groups and chat forums used by members of the National Youth, a wing of Meloni’s Brothers of Italy party. The outlet published clips of National Youth members chanting “Duce” – a reference to Benito Mussolini – and “sieg Heil”, and boasting about their familial connections to historical figures linked to neo-fascist terrorism. The stories were published in May.
Cancellato, 45, said he did not have reason to suspect in December that his mobile device had been compromised and has never been told by any authorities that he is under investigation. The news felt like a “violation”, he said.
“We just began the technical analysis on the device in order to evaluate the actual extent of this attack, what was actually taken or spied on, and for how long. Obviously, it is also in our interest to know, if it’s possible to do so, who ordered this espionage activity,” Cancellato told the Guardian.
Meloni’s party faced criticism in Italy and in Brussels following the publication of Fanpage’s reporting. A European Commission spokesperson at the time said: “The point of view of the European Commission and of President Ursula von der Leyen on the symbolism of fascism is very clear: we do not believe it is appropriate, we condemn it, we think it is morally wrong.”
The president of the Jewish Community of Rome, Victor Fadlun, called for “appropriate actions [to] be taken” after the Fanpage reports. “It is imperative that society and institutions react strongly against all forms of hatred and discrimination,” he wrote on X.
Giovanni Donzelli, a Brothers of Italy MP and party organizer, said at the time there was “no place” for “racists, extremists, and antisemites” in his party.
Paragon Solutions declined to comment.
WhatsApp says journalists and civil society members were targets of Israeli spyware, Messaging app said it had ‘high confidence’ some users were targeted and ‘possibly compromised’ by Paragon Solutions spyware by Stephanie Kirchgaessner in Washington, 31 Jan 2025, The Guardian
Nearly 100 journalists and other members of civil society using WhatsApp, the popular messaging app owned by Meta, were targeted by spyware owned by Paragon Solutions, an Israeli maker of hacking software, the company alleged on Friday.
The journalists and other civil society members were being alerted of a possible breach of their devices, with WhatsApp telling the Guardian it had “high confidence” that the 90 users in question had been targeted and “possibly compromised”.
It is not clear who was behind the attack. Like other spyware makers, Paragon’s hacking software is used by government clients and WhatsApp said it had not been able to identify the clients who ordered the alleged attacks.
Experts said the targeting was a “zero-click” attack, which means targets would not have had to click on any malicious links to be infected.
WhatsApp declined to disclose where the journalists and members of civil society were based, including whether they were based in the US.
Paragon has a US office in Chantilly, Virginia. The company has faced recent scrutiny after Wired magazine in October reported that it had entered into a $2m contract with the US Immigration and Customs Enforcement’s homeland security investigations division.
The division reportedly issued a stop-work order for the contract to verify whether it complied with a Biden administration executive order that restricted the use of spyware by the federal government. The Trump administration has revoked dozens of the Biden administration’s executive orders in its first two weeks in office, but the 2023 order, which prohibited the use of spyware that posed a risk to national security remains in effect.
WhatsApp said it had sent Paragon a “cease and desist” letter and that it was exploring its legal options. WhatsApp said the alleged attacks had been disrupted in December and that it was not clear how long the targets may have been under threat.
The company is currently notifying victims of the alleged hacking, who will be contacted by WhatsApp.
“WhatsApp has disrupted a spyware campaign by Paragon that targeted a number of users including journalists and members of civil society. We’ve reached out directly to people who we believe were affected. This is the latest example of why spyware companies must be held accountable for their unlawful actions. WhatsApp will continue to protect people’s ability to communicate privately,” a company spokesperson said.
The Guardian reached out to Paragon Solutions for a comment but the company did not immediately respond.
Paragon’s spyware is known as Graphite and has capabilities that are comparable to NSO Group’s Pegasus spyware. Once a phone is infected with Graphite, the operator of the spyware has total access to the phone, including being able to read messages that are sent via encrypted applications like WhatsApp and Signal.
The company, which was founded by the former Israeli prime minister Ehud Barak, has been the subject of media reports in Israel recently, after it was reported that the group was sold to a US private equity firm, AE Industrial Partners, for $900m.
Reports suggested the deal had not yet received full regulatory approval in Israel. Cyberweapons like Graphite and Pegasus are regulated by the Israeli ministry of defence. The Guardian reached out to AE Industrial Partners, which is based in Boca Raton, Florida. Paragon is not listed among the company’s investments on its website.
For some time Paragon has had the reputation of a “better” spyware company not implicated in obvious abuses, but WhatsApp’s recent revelations suggest otherwise. “This is not just a question of some bad apples – these types of abuses are a feature of the commercial spyware industry,” said Natalia Krapiva, senior tech legal counsel at Access Now.
WhatsApp said it believed the so-called vector, or means by which the infection was delivered to users, was through a malicious pdf file that was sent to individuals who were added to group chats. WhatsApp said it could say with “confidence” that Paragon was linked to this targeting.
John Scott-Railton, a senior researcher at the Citizen Lab at the University of Toronto, which tracks and identifies digital threats against civil society, said Citizen Lab provided WhatsApp with some information that helped the company understand the vector that was used against the company’s users.
The group is expected to publish a report in the future that will provide more details about the alleged targeting.
WhatsApp announced the news just weeks after a judge in California ruled in the company’s favor in a landmark case against NSO Group, the high-profile spyware maker that in 2021 was placed by the Biden administration on a commerce department blacklist. At the time, the Biden administration said it had placed NSO on the so-called entity list because the company had engaged in activities “that are contrary to the national security or foreign policy interests of the United States”.
NSO has lobbied members of Congress to be taken off the list.
WhatsApp filed a lawsuit against NSO in 2019 after it said 1,400 users had been infected by the company’s spyware. In December, a judge, Phyllis Hamilton, ruled that NSO was liable for the attacks, and that NSO had violated state and federal US hacking laws and WhatsApp’s own terms of service.
Have you been affected? If so please contact
email hidden; JavaScript is required
Refer also to:
2015: Sketch by Victor Juhasz of Steve Harper’s evil caucus with Benjamin Netanyahu, the Koch bros, Xi Jinping, GW Bush and Frac Lord Cheney
