Latest news with #CiroPellegrino
The Star
19-06-2025
- Politics
- The Star
Alleged Italian phone hacking involves political gossip website, sources say
Italian investigative journalist Ciro Pellegrino shows his phone screen displaying a threat notification from Apple warning of a mercenary spyware attack, in Naples, Italy, June 11, 2025. REUTERS/Matteo Ciambelli/File Photo ROME (Reuters) -Italian prosecutors are looking into the alleged hacking of seven phones, including that of the head of political gossip website Dagospia, sources said, as part of a surveillance scandal involving the technology of spyware company Paragon. The probe follows reports on the alleged spying on two investigative journalists, which have triggered opposition protests and the termination of contracts between Italy and U.S.-owned Paragon. Prime Minister Giorgia Meloni's administration has denied involvement in illicit activities. Prosecutors in Rome and Naples are investigating the crime of unauthorized access into the phones, sources with knowledge of the matter said on Thursday, adding that Dagospia founder Roberto D'Agostino was among seven journalists and activists who were allegedly spied on. D'Agostino, whose website Dagospia produces salacious gossip with political behind-the-scenes stories and is a daily must-read for many Italian reporters, was not immediately available for comment. Dagospia, however, reported on the news involving its founder, republishing reports about the investigations from other media outlets under the headline: "Dagospia ends up being spied upon! The illegal wiretaps scandal gets bigger." As part of their investigation, prosecutors are also looking into the alleged hacking of the phones of investigative reporters, Ciro Pellegrino and Francesco Cancellato, both from the Fanpage website, the sources said. Italy's domestic and foreign intelligence agencies activated contracts with Paragon in 2023 and 2024, respectively, and used it on a limited number of people with permission from a prosecutor, a report by the parliamentary committee on security, COPASIR, said. The foreign intelligence agencies used the spyware to search for fugitives, to counter illegal immigration, alleged terrorism, organised crime, fuel smuggling and for counter-espionage and internal security activities, COPASIR said. The committee said it found no evidence that Italian intelligence services used Paragon spyware on Cancellato. Separately, internet watchdog group Citizen Lab said it found evidence of spying on Pellegrino's phone. Former Prime Minister Matteo Renzi, leader of a small opposition party, called for clarity on Thursday over the hacking case, adding that one does not spy on journalists in democracies. (Reporting by Paolo Chiriatti, Giuseppe Fonte and Alvise ArmelliniEditing by Bernadette Baum)
Straits Times
19-06-2025
- Politics
- Straits Times
Alleged Italian phone hacking involves political gossip website, sources say
Italian investigative journalist Ciro Pellegrino shows his phone screen displaying a threat notification from Apple warning of a mercenary spyware attack, in Naples, Italy, June 11, 2025. REUTERS/Matteo Ciambelli/File Photo ROME - Italian prosecutors are looking into the alleged hacking of seven phones, including that of the head of political gossip website Dagospia, sources said, as part of a surveillance scandal involving the technology of spyware company Paragon. The probe follows reports on the alleged spying on two investigative journalists, which have triggered opposition protests and the termination of contracts between Italy and U.S.-owned Paragon. Prime Minister Giorgia Meloni's administration has denied involvement in illicit activities. Prosecutors in Rome and Naples are investigating the crime of unauthorized access into the phones, sources with knowledge of the matter said on Thursday, adding that Dagospia founder Roberto D'Agostino was among seven journalists and activists who were allegedly spied on. D'Agostino, whose website Dagospia produces salacious gossip with political behind-the-scenes stories and is a daily must-read for many Italian reporters, was not immediately available for comment. Dagospia, however, reported on the news involving its founder, republishing reports about the investigations from other media outlets under the headline: "Dagospia ends up being spied upon! The illegal wiretaps scandal gets bigger." As part of their investigation, prosecutors are also looking into the alleged hacking of the phones of investigative reporters, Ciro Pellegrino and Francesco Cancellato, both from the Fanpage website, the sources said. Italy's domestic and foreign intelligence agencies activated contracts with Paragon in 2023 and 2024, respectively, and used it on a limited number of people with permission from a prosecutor, a report by the parliamentary committee on security, COPASIR, said. The foreign intelligence agencies used the spyware to search for fugitives, to counter illegal immigration, alleged terrorism, organised crime, fuel smuggling and for counter-espionage and internal security activities, COPASIR said. The committee said it found no evidence that Italian intelligence services used Paragon spyware on Cancellato. Separately, internet watchdog group Citizen Lab said it found evidence of spying on Pellegrino's phone. Former Prime Minister Matteo Renzi, leader of a small opposition party, called for clarity on Thursday over the hacking case, adding that one does not spy on journalists in democracies. REUTERS Join ST's Telegram channel and get the latest breaking news delivered to you.
Forbes
13-06-2025
- Forbes
New iPhone Spyware Warning — Act Now To Prevent Attacks
A new warning has been issued to Apple iPhone users by researchers after they found forensic evidence that Paragon Graphite spyware has taken over targets' devices. Cybersecurity researchers at Citizen Lab — which is known to discover and report vulnerabilities such as spyware — found spyware made by Israeli firm Paragon targeting iPhones. It comes after the Italian government admitted using spyware to target civil society. Apple initially issued an alert on the new spyware targeting a number of iOS users including journalists on April 29. Among the group were two journalists that consented for the technical analysis of their cases, Citizen Lab's Bill Marczak and John Scott-Railton wrote in their analysis. After investigating the devices of a prominent European journalist (who requests anonymity), and Italian journalist Ciro Pellegrino, Citizen Lab found forensic evidence confirming 'with high confidence that both a were targeted with Paragon's Graphite mercenary spyware.' Citizen Lab found evidence linking both cases to the same Paragon operator. The attacker deployed Paragon's Graphite spyware using 'a sophisticated iMessage zero-click attack,' Citizen Lab said, adding: 'We believe that this infection would not have been visible to the target.' The iPhone flaw, tracked as CVE-2025-43200, was patched in iOS 18.3.1. Spyware is so dangerous because it provides adversaries complete access to your iPhone, including your microphone, camera, email and messages — even those sent via encrypted apps such as WhatsApp or Signal. Worse, spyware is often deployed via so called 'zero-click attacks' that require no user interaction, taking advantage of vulnerabilities in the iOS operating system. This means the malware ca be delivered via an image sent via iMessage or WhatsApp — and you don't need to open it to become a victim. The fact that Graphite was delivered through a zero-click exploit reflects a growing pattern where 'sophisticated spyware uses zero-day vulnerabilities to silently compromise devices,' says Adam Boynton, senior security strategy manager EMEIA at cybersecurity outfit Jamf. What makes Graphite especially dangerous is its ability to operate covertly in memory, often leaving minimal artefacts on disk, says Boynton. It is capable of creating system-level impersonations — for example, registering hidden iMessage accounts or spoofing security features — to conceal its presence from both the user and standard detection tools. 'These tactics make traditional mobile security models insufficient on their own,' says Boynton. The new spyware warning is certainly scary, but at the same time, Apple's security architecture remains 'among the strongest in the industry,' says Boynton. He points to the iPhone maker's Lockdown Mode, which reduces the functionality of your iPhone but helps protect it from spyware. Spyware is extremely targeted, as can be seen from Citizen Lab's analysis, which focused on journalist's iPhones. Other groups vulnerable to the malware include dissidents, political figures and business users operating in certain sectors. In order to help prevent being targeted, Boynton emphasises the importance of keeping iPhones up to date. He also suggests enabling Lockdown Mode on Apple devices if you are in a sensitive or high-risk role. Another way of disrupting spyware is to turn your iPhone off and on again. But it's not a permanent solution and if you do suspect the malware is on your device, contact an organization such as Amnesty or Access Now for help. As researchers reveal more details about the dangers of the Graphite spyware, it is important that you update your iPhone now to the latest software, currently iOS 18.5. Even if you are not a target, upgrading will protect you from a number of flaws that could compromise your iPhone's security.
TechCrunch
12-06-2025
- TechCrunch
Apple fixes new iPhone zero-day bug used in Paragon spyware hacks
Researchers revealed on Thursday that two European journalists had their iPhones hacked with spyware made by Paragon. Apple now says it has fixed the bug that was used to hack their phones. Citizen Lab wrote in its report, shared with TechCrunch ahead of its publication, that Apple had told its researchers that the flaw exploited in the attacks had been 'mitigated in iOS 18.3.1,' a software update for iPhones released on February 10. Until this week, the advisory of that security update only mentioned one unrelated flaw, which allowed attackers to disable an iPhone security mechanism that makes it harder to unlock phones. On Thursday, however, Apple updated its February 10 advisory to include details about a new flaw, which was also fixed at the time, but not publicized. 'A logic issue existed when processing a maliciously crafted photo or video shared via an iCloud Link. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals,' reads the now-updated advisory. In the final version of its report published Thursday, Citizen Lab confirmed this is the flaw used against Italian journalist Ciro Pellegrino and an unnamed 'prominent' European journalist. Contact Us Do you have more information Paragon? Or other spyware makers? From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or Do you have more information Paragon? Or other spyware makers? From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email . It's unclear why Apple did not disclose the existence of this patched flaw until four months after the release of the iOS update, and an Apple spokesperson did not respond to a request for comment seeking clarity. The Paragon spyware scandal began in January, when WhatsApp notified around 90 of its users, including journalists and human rights activists, that they had been targeted with spyware made by Paragon, dubbed Graphite. Then, at the end of April, several iPhone users received a notification from Apple alerting them that they had been the targets of mercenary spyware. The alert did not mention the spyware company behind the hacking campaign. On Thursday, Citizen Lab published its findings confirming that two journalists who had received that Apple notification were hacked with Paragon's spyware. It's unclear if all the Apple users who received the notification were also targeted with Graphite. The Apple alert said that 'today's notification is being sent to affected users in 100 countries.'
CNA
12-06-2025
- Politics
- CNA
Second Italian journalist targeted with Paragon spyware, watchdog group says
LONDON :A second Italian journalist was recently targeted by software made by U.S.-owned surveillance company Paragon, internet watchdog group Citizen Lab said, raising new questions about a surveillance scandal that has already led Prime Minister Giorgia Meloni's government and Paragon to part ways. Citizen Lab said in a report on Thursday that Italian investigative journalist Ciro Pellegrino's iPhone showed evidence of having been targeted by Paragon's sophisticated spy software. Pellegrino works at the online newspaper Fanpage, whose editor-in-chief Francesco Cancellato earlier disclosed that he was one of scores of users who received January alerts from WhatsApp that they had been targeted using Paragon's technology. Fanpage has published a stream of critical coverage of Meloni's government, notably an exposé tying her party's youth wing to neo-Nazi activity, and the allegation that Fanpage's journalists, among others, were put under surveillance has stirred controversy in Italy. On Monday, the government and Paragon announced that they were no longer working together, offering conflicting explanations about who fired whom. Paragon referred questions back to an earlier statement it provided to the Israeli publication Haaretz in which it said it had offered Italian officials a way to check whether its systems had been used against Cancellato, but that Italian authorities had rebuffed the offer. Italian officials did not return a message seeking comment on the Citizen Lab report. In a text exchange with Reuters, Pellegrino said the discovery that he had been targeted with spyware was "horrible." The Naples-based journalist said his phone was "the black box of my life, which contains everything from personal and health data to journalistic sources." Although an Italian parliamentary panel reported on Monday that the country's spy services had deployed Paragon's tools to intercept the communications of migrant sea rescue activists in the context of law enforcement work, the panel said it had found no evidence that the tools were used by Italian intelligence to go after Fanpage's Cancellato. The discovery of Paragon spyware on the phone of one of Cancellato's colleagues adds to questions about the panel's thoroughness, said Natalia Krapiva, a senior lawyer with Access Now, a human rights group that works with spyware victims. "It sheds serious doubt on the adequacy of the investigation," she said. The Italian parliamentary panel, which has reserved the right to conduct further investigations around the matter, did not respond to a message seeking comment. In its report, Citizen Lab also said that an unnamed European journalist was hacked with Paragon's spyware. The lab, which is based out of the University of Toronto, offered no other details and declined to answer questions about the journalist's identity or the circumstances of their targeting.
