WhatsApp Zero-Click Paragon Spyware Terminates Contract with Italy

Israeli spyware company Paragon Solutions has terminated its contract with Italy following allegations that its military-grade surveillance software, Graphite, was misused to target journalists and civil society members.

The decision comes less than a week after WhatsApp revealed that the spyware had been deployed in a zero-click attack campaign targeting 90 individuals across two dozen countries, including seven in Italy.

The spyware, capable of infiltrating a device without user interaction, was reportedly used to compromise mobile phones via malicious PDF files sent through WhatsApp group chats.

Among the victims were Francesco Cancellato, editor-in-chief of the investigative outlet Fanpage.it, and Luca Casarini, founder of the NGO Mediterranea Saving Humans. 

Both have been vocal critics of Italian Prime Minister Giorgia Meloni’s government and its policies on Libya and migration. A Libyan activist living in Sweden, Husam El Gomati, was also targeted.

Paragon Spyware Terminates Contract

WhatsApp stated that all hacking attempts were detected in December 2024 with assistance from Citizen Lab, a digital rights watchdog. The messaging platform issued cease-and-desist letters to Paragon and notified affected users.

Paragon Solutions initially suspended its contract with Italy last Friday after allegations surfaced but fully terminated the agreement on Wednesday. 

A source familiar with the matter indicated that Italy had violated the ethical framework outlined in Paragon’s terms of service. 

The spyware firm reportedly disconnected two Italian clients—an intelligence agency and a law enforcement body—from accessing Graphite earlier this week.

Paragon has maintained that its technology is sold exclusively to government entities for counterterrorism and crime prevention purposes. 

In a statement earlier this month, Paragon emphasized that its contracts prohibit targeting journalists and civil society members.

Prime Minister Giorgia Meloni’s office denied any involvement by domestic intelligence services in the alleged breaches. 

In a statement released Wednesday, the government shifted focus to other European nations, noting that victims included individuals from countries such as Belgium, Germany, and Spain.

The controversy has sparked calls for accountability within Italy. Casarini announced plans to file a criminal complaint with prosecutors in Rome or Palermo to investigate who authorized the surveillance.

This incident marks the first time Paragon has been publicly linked to misuse of its spyware. Comparisons have been drawn to NSO Group’s Pegasus spyware, which has faced global scrutiny for similar abuses. 

Both Graphite and Pegasus are designed to provide complete access to a target’s device, including encrypted communications on platforms like WhatsApp and Signal.

Paragon was recently acquired by U.S.-based AE Industrial Partners for $900 million.

The firm also holds contracts with U.S. agencies such as Immigration and Customs Enforcement (ICE), although these agreements have faced scrutiny under President Biden’s executive order restricting federal use of spyware. The revelations have reignited debates over the ethical use of surveillance technologies. 

Natalia Krapiva of Access Now noted that while Paragon had built a reputation as a responsible provider, recent disclosures highlight systemic issues within the commercial spyware industry.

As investigations continue, it remains unclear how long victims were monitored and whether other countries misused Graphite. WhatsApp has pushed for additional regulatory monitoring to prevent future misuse.

Paragon’s decision to terminate its connections with Italy could reduce immediate concerns, but it leaves unresolved issues of accountability for previous abuses.

PCI DSS 4.0 & Supply Chain Attack Prevention – Free Webinar

The post WhatsApp Zero-Click Paragon Spyware Terminates Contract with Italy appeared first on Cyber Security News.