It turns out that an Israeli spy company that also has a contract with the US government has been spying on European journalists' smartphones
It has been revealed that the Israeli spyware developer Paragon has been spying on the smartphones of several journalists working in Europe.
Graphite Caught: First Forensic Confirmation of Paragon's iOS Mercenary Spyware Finds Journalists Targeted - The Citizen Lab
Spyware from US-backed Israeli firm targets European journalists | AP News
https://apnews.com/article/spyware-italy-paragon-meloni-pegasus-f36dd32106f44398ee24001317ccf2bb
Paragon is an Israeli-based spyware development company that sends spyware to target devices at the request of its customers. Paragon has admitted that one of its clients is the US government, and it is known to be a spyware development company with enough influence and technical capabilities to undertake requests from government agencies. An analysis by security research institute Citizen Lab revealed that Paragon was conducting espionage activities against European journalists.
The following is a spyware warning screen that was displayed on the iPhone of Cino Pellegrino, Naples bureau chief of the news site ' Fanpage.it ' on April 29, 2025. This screen is called a ' Threat Notification ' that is automatically displayed when the iPhone detects an attack from spyware, and if the Threat Notification is displayed, it is strongly recommended that you consult a security expert.
Pellegrino took the iPhone to Citizen Lab for analysis, which found evidence that the Paragon spyware Graphite was active on the iPhone and exploited the iMessage vulnerability
In addition, on the same day that the Threat Notification appeared on Pellegrino's iPhone, the same screen was also displayed on the iPhone of an anonymous 'prominent European journalist.' The anonymous journalist also requested Citizen Lab to analyze his iPhone, and it became clear that he, like Pellegrino, had been subject to Paragon's espionage attack. Based on the results of their analysis, Citizen Lab concluded that 'the same client had requested Paragon to attack Pellegrino and the anonymous journalist.'
In January 2025, Francesco Cancelato, an editor at Fanpage.it, received a notification from WhatsApp on his Android smartphone saying he was being targeted by Graphite. Citizen Lab analyzed Cancelato's smartphone, but was unable to find any solid evidence of Graphite activity. However, Citizen Lab points out that 'the fact that multiple people affiliated with Fanpage.it were victims of Graphite indicates that there was a series of actions targeting Fanpage.it.'
The identity of the client who commissioned the spying on journalists has not been made public, but the Associated Press noted that 'the discovery comes amid growing suspicions that the Italian government of Prime Minister Giorgia Meloni is spying on journalists and activists critical of him, raising new concerns that commercial spyware can be misused in democracies as well.' Meloni's office declined to comment when contacted by the AP, and a cabinet minister said, 'The government strictly respects Italian law and does not engage in illegal spying on journalists.'
In addition, Apple has already fixed the vulnerability 'CVE-2025-43200' that was exploited by Paragon's espionage activities. Paragon was also reported to have been acquired by AE Industrial Partners, an investment company based in Florida, USA, for at least $500 million (about 72 billion yen) in December 2024, and at the time of writing, it is said that the acquisition procedure is pending approval by regulatory authorities.
Related Posts:
