Paragon spyware cancels contract with Italian government after targeting journalists and citizens across Europe

News
By published

EU citizens targeted in spyware campaign

An illustration of a 1960s spy with sunglasses and a big coat
(Image credit: Shutterstock / rogistok)
  • Italian citizens were targeted by Paragon spyware, government says
  • A malicious PDF file was used to deploy malware through WhatsApp
  • Paragon has since cancelled its contract with Italy

The Italian government has confirmed in a statement that seven of its citizens, and many others across Europe, were targeted by Israeli spyware company Paragon Solutions.

The zero-click attack campaign used a malicious PDF file to infect users' devices through the WhatsApp messenger. The Italian ruling party, Fratelli d’Italia, has denied any involvement with the campaign.

Fanpage.it, whose director was targeted as part of the campaign, confirmed Paragon had terminated its contract with the Italian government for failing to comply with the “ethical framework” laid out in the agreement.

Paragon targets EU citizens

WhatsApp and its law firm Advant told the Italian National Cybersecurity Agency that seven Italian WhatsApp users were the targets of Paragon, but their identities could not be revealed because of privacy concerns.

Outside of Italy, citizens of Austria, Belgium, Cyprus, Czech Republic, Denmark, Germany, Greece, Latvia, Lithuania, the Netherlands, Portugal, Spain, and Sweden were also targeted in the campaign based on country phone codes.

The victims were mainly journalists and other members of civil society, WhatsApp confirmed last week after accusing Paragon of the spyware campaign and issuing a cease and desist letter.

Paragon also stated earlier this week that the US and “allies” were customers of the company, and said that the company has a “zero-tolerance policy” for the “illicit targeting of journalist and other civil society figures,” with Paragon further stating that it would “terminate our relationship with any customer” found in violation of this rule.

The Italian government also stated that as WhatsApp Ireland Limited is the European operator for Meta, only European Union members have been included in the list of countries, potentially indicating that countries outside of Europe were also targeted in the campaign.

You might also like

TOPICS
Benedict Collins
Benedict Collins
Senior Writer, Security

Benedict has been with TechRadar Pro for over two years, and has specialized in writing about cybersecurity, threat intelligence, and B2B security solutions. His coverage explores the critical areas of national security, including state-sponsored threat actors, APT groups, critical infrastructure, and social engineering.

Benedict holds an MA (Distinction) in Security, Intelligence, and Diplomacy from the Centre for Security and Intelligence Studies at the University of Buckingham, providing him with a strong academic foundation for his reporting on geopolitics, threat intelligence, and cyber-warfare.

Prior to his postgraduate studies, Benedict earned a BA in Politics with Journalism, providing him with the skills to translate complex political and security issues into comprehensible copy.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.