Latest news with #ParagonSolutions
The Independent
12-06-2025
- Business
- The Independent
US-backed Israeli company's spyware used to target European journalists, Citizen Lab finds
Spyware from a U.S.-backed Israeli company was used to target the phones of at least three prominent journalists in Europe, two of whom are editors at an investigative news site in Italy, according to digital researchers at Citizen Lab, citing new forensic evidence of the attacks. The findings come amid a growing questions about what role the government of Italian Prime Minister Giorgia Meloni may have played in spying on journalists and civil society activists critical of her leadership, and raised new concerns about the potential for abuse of commercial spyware, even in democratic countries. 'Any attempts to illegally access data of citizens, including journalists and political opponents, is unacceptable, if confirmed,' the European Commission said in a statement Wednesday in response to questions from members of parliament. 'The Commission will use all the tools at its disposal to ensure the effective application of EU law.' Meloni's office declined to comment Thursday, but a prominent member of her Cabinet has said that Italy 'rigorously respected' the law and that the government hadn't illegally spied on journalists. Mercenary spyware industry The company behind the hacks, Paragon Solutions, has sought to position itself as a virtuous player in the mercenary spyware industry and won U.S. government contracts, The Associated Press found. Backed by former Israeli Prime Minister Ehud Barak, Paragon was reportedly acquired by AE Industrial Partners, a private investment firm based in Florida, in a December deal worth at least $500 million, pending regulatory approvals. AE Industrial Partners didn't directly respond to requests for comment on the deal. Paragon's spyware, Graphite, was used to target around 90 WhatsApp users from more than two dozen countries, primarily in Europe, Meta said in January. Since then, there's been a scramble to figure out who was hacked and who was responsible. 'We've seen first-hand how commercial spyware can be weaponized to target journalists and civil society, and these companies must be held accountable,' a spokesperson for WhatsApp told AP in an email. 'WhatsApp will continue to protect peoples' ability to communicate privately.' Meta said the vulnerability has been patched and they have not detected subsequent attacks. Meta also sent a cease-and-desist letter to Paragon. Last month, a California court awarded Meta $168 million in damages from Israel's NSO Group, whose spyware was used to hack 1,400 WhatsApp accounts, including of journalists, activists and government officials. Journalists targeted The Citizen Lab's findings, released today, show that the use of spyware against journalists has continued, despite the backlash against NSO Group, and establish for the first time that Paragon was able to successfully infect Apple devices. Ciro Pellegrino, who heads the Naples newsroom of an investigative news outlet called received a notice on April 29 that his iPhone had been targeted. Last year, Fanpage secretly infiltrated the youth wing of Meloni's Brothers of Italy party and filmed some of them making fascist and racist remarks. Pellegrino's colleague, Fanpage editor-in-chief Francesco Cancellato, also received a notice from Meta that his Android device had been targeted by Paragon spyware, though forensic evidence that his phone was actually infected with Graphite hasn't yet surfaced, according to Citizen Lab. The Citizen Lab's report today also revealed a third case, of a 'prominent European journalist,' who asked to remain anonymous, but is connected to the Italian cluster by forensic evidence unearthed by researchers at the laboratory, which is run out of the Munk School at the University of Toronto. The Citizen Lab, which has analyzed all the devices, said the attack came via iMessage, and that Apple has patched the vulnerability. Apple did not respond immediately to requests for comment. 'Paragon is now mired in exactly the kind of abuse scandal that NSO Group is notorious for,' said John Scott-Railton, a senior researcher at the Citizen Lab. 'This shows the industry and its way of doing business is the problem. It's not just a few bad apples.' Stealthy spyware Paragon's spyware is especially stealthy because it can compromise a device without any action from the user. Similar to the NSO Group's notorious Pegasus spyware, which has been blacklisted by the U.S. government, Graphite allows the operator to covertly access applications, including encrypted messengers like Signal and WhatsApp. 'There's no link to click, attachment to download, file to open or mistake to make,' Scott-Railton said. 'One moment the phone is yours, and the next minute its data is streaming to an attacker.' Parliamentary oversight COPASIR, the parliamentary committee overseeing the Italian secret services, took the rare step last week of making public the results of its investigation into the government's use of Paragon. The COPASIR report said that Italian intelligence services hadn't spied on Cancellato, the editor of Fanpage. The report did confirm the surveillance, with tools including Graphite, of civil society activists, but said they had been targeted legally and with government authorization — not as activists but over their work related to irregular immigration and national security. Giovanni Donzelli, vice president of COPASIR and a prominent member of Meloni's Brothers of Italy party, declined further comment Thursday, saying the parliamentary report was 'more relevant than an analysis done by a privately funded Canadian laboratory.' Citizen Lab says it's 'rigorously independent,' and doesn't accept research funding from governments or companies. Italy and Paragon both say they've terminated their relationship, but offer starkly different versions of the breakup. Paragon referred questions to a statement it gave to Israeli newspaper Haaretz, in which the company said that it stopped providing spyware to Italy after the government declined its offer to help investigate Cancellato's case. Italian authorities, however, said they had rejected Paragon's offer over national security concerns and ended the relationship following media outcry. U.S. contracts Paragon has been keen to deflect reputational damage that could, in theory, impact its contracts with the U.S. government. A 2023 executive order, which so far hasn't been overturned by U.S. President Donald Trump, prohibits federal government departments and agencies from acquiring commercial spyware that has been misused by foreign governments, including to limit freedom of expression and political dissent. The U.S. Department of Homeland Security awarded Paragon a one-year, $2 million contract last September for operations and support of U.S. Immigration and Customs Enforcement, public records show. The U.S. Drug Enforcement Administration has also reportedly used the spyware. In December 2022, Adam Schiff, the California Democrat who at the time chaired the House Intelligence Committee, wrote to the administrator of the U.S. Drug Enforcement Administration questioning whether the DEA's use of Graphite spyware undermined efforts to deter the 'broad proliferation of powerful surveillance capabilities to autocratic regimes and others who may misuse them.' ___ Byron Tau in Washington, and Lorne Cook in Brussels, contributed to this report.
The Guardian
12-06-2025
- Politics
- The Guardian
European journalists targeted with Paragon Solutions spyware, say researchers
The hacking mystery roiling the Italian prime minister Giorgia Meloni's rightwing government is deepening after researchers said they found new evidence that two more journalists were targeted using the same military-grade spyware that Italy has admitted to using against activists. A parliamentary committee overseeing intelligence confirmed earlier this month that Italy used mercenary spyware made by Israel-based Paragon Solutions against two Italian activists. But the same committee, which launched an investigation into the hacking scandal in March, said it was unable to determine who was behind the targeting of a prominent Italian investigative journalist named Francesco Cancellato, whose news outlet has been critical of the Meloni government. Now a report by researchers at the Citizen Lab has revealed that a close colleague of Cancellato, Ciro Pellegrino, who is head of the investigative outlet Naples bureau, was also targeted by a user of Paragon Solution's spyware, which is called Graphite. The Citizen Lab said a third journalist, who chose to remain anonymous and is described as a 'prominent European journalist', had also been targeted with the spyware. The news comes as Paragon and the Italian government have been engaged in an acrimonious public spat. Haaretz reported this week that Paragon had offered to assist the Italian government in investigating Cancellato's case. Italy reportedly rejected that offer, however, with the Italian department of security intelligence saying that it raised national security concerns. Meloni's office did not reply to a request for comment. A debate on the matter, which has prompted outrage among the Italian opposition and MEPs in Brussels, has been scheduled in the European parliament on 16 June. The Guardian approached Paragon for comment on the latest development. It referred to comments it made to Haaretz, in which it confirmed it cancelled its contract with the Italian government after reports first emerged in February that Cancellato had been targeted. The Guardian first reported that Paragon was terminating its contract with Italy in February. Like other spyware vendors, Paragon sells its cyberweapon to government clients who are supposed to use it to prevent crime. The company has said it sells its spyware only to democratic countries and that its terms of service forbids agencies to use the spyware against journalists or members of civil society. The question now remains who is behind the targeting of the two journalists. John Scott-Railton, a senior researcher at the Citizen Lab, said: 'We found that both journalists phones bore Paragon's unmistakable digital fingerprints. Making matters even more interesting, we found fingerprints matching the same Paragon customer in both cases.' A report released by the Copasir parliamentary committee found that Italy's domestic and foreign intelligence agencies had contracts with Paragon in 2023 and 2024, and that the hacking software was used with the permission of a prosecutor and in limited circumstances. The committee said the spyware had been used to search for fugitives, investigate alleged terrorism, organised crime, fuel smuggling and counter-espionage efforts. It said the pro-immigrant human rights activists who were targeted – they included Luca Cassarini and Giuseppe Caccia – had been spied on due to their connection to 'irregular immigration' and not because they were involved in human rights.
Business Mayor
26-05-2025
- Business
- Business Mayor
How small c-stores can survive
From the rise and fall of the COVID-19 pandemic to ballooning inflation and interest rates, difficult economic conditions have forced many small c-store operators to sell to competitors that are seeking more scale. Large c-store companies have pricing power and economies of scale that make it easier to weather turbulent economic times, while their juggernaut marketing programs boost brand awareness even outside their main areas of operation. These brands are moving into more and more communities, and their strategic initiatives — like expanding foodservice programs or testing retail media networks — dominate the industry conversation. All of which can leave small-scale operators wondering how they can stay competitive. Part of the challenge, said Mike Lawshe, founder of c-store design and consulting firm Paragon Solutions, is being able to look beyond the big chains' playbooks to define success and set strategy. 'The thing that drives me a little crazy is when we have customers come in and say, 'I want to build a [QuikTrip], a Buc-ee's,' said Mike Lawshe. 'Well, you can't. You're in a different game.' Even if a retailer doesn't have the scale of a large regional chain, there are a few things they can do to keep their business standing strong even among the industry giants. Solve problems, find niches Relying on smokes and Cokes is no longer going to be enough, experts pointed out. 'The Coca Cola they're buying is the exact same Coca Cola in every single c-store,' said Kevin Farley, chief client officer for c-store consultancy W. Capra. 'You have to change what you offer outside of this traditional c-store offering for them to come into your store.' Many small and mid-size c-store chains are adding proprietary QSRs or building bigger stores that offer prepared foods in a broader effort to compete with restaurants. Before then, there have been significant changes like the reduction of service centers or the move toward food-focused stores that aim to compete with QSRs. These changes have left a vacuum in the industry, said Lawshe, creating space for 'someone with a little creativity, someone wanting to change the industry' to step in and cater to these needs. Gas N Wash added a Mickey's Greek-style restaurant to one of its sites. Permission granted by Gas N Wash Small operators could test the waters with new, efficient technology, like Family Express has done with its recently launched mobile app and AI-fueled management software. Or maybe small retailers want to address the lack of third spaces with a welcoming new design, like The Rusty Lantern. They could even try opening in nontraditional locations like sports and music arenas, a tactic GoMart and Wally's have tested. Even within areas like fresh foodservice, which is growing more commonplace in convenience retail, there are ways to iterate and stand out. This could mean partnering with local restaurants, the way Gas N Wash has, or developing a proprietary program like Gastro High Octane Eats at Schmitz Sunoco. 'Who's going to challenge the norm?' Lawshe said. 'Who's going to bring technology? Who's going to have the best solution?' Building the brand Small retailers also need to improve their brand strategy to connect with customers. There are many ways for retailers to tell their story. They can promote their history or their mission and share their values with customers — something that's especially important for younger shoppers. 'This generation is very brand aware and very brand loyal,' said Austin Burns, president and CEO of Paragon Solutions. 'And there's a really good opportunity out there for these retailers to grab onto.' This can look like Buc-ee's, where the company mascot is plastered everywhere and its fans make trips just to visit its stores. Or it can look like Rutter's, which often promotes its 270-year history in its home state of Pennsylvania and ties its roots as a dairy into the marketing of products like milk and egg nog. However, if a chain is hoping to get acquired, building a strong identity could work against it. Art Sebastian pointed to TXB as an example. While the chain is in a good position — well known and well loved — if it did want to sell, it might have a difficult time. 'The way they've built a brand, it would be hard for a big player to acquire them and just weave them into their system,' said Sebastian, CEO of c-store advisory firm NextChapter. 'Casey's just can't take that chain and slap pizza in there, right?' Experts emphasized retailers need to figure out what their value is to the shopper and how to connect. Differentiating their offering and experience from the big players to the point where people are talking about it among friends and on social media has become a valuable commodity. 'You have a real opportunity now,' said Burns. 'Your brand is more valuable than the real estate.' TXB is an example of a regional player that's build a strong brand. Permission granted by TXB Know when it's time to cut losses C-stores should look for ways to update their stores in order to keep them competitive — but they should also know when the extra investment just isn't worth it, experts say. If a store is underperforming and the owner can't or won't invest back into it, ownership should ask themselves if the site is still worth running. There's a lot of data out there that can help retailers make the decision, Burns noted. With larger companies expanding their reach and some smaller companies innovating to change the game, it could just hasten the decline of aging locations that don't get updated. 'We see it all the time, whether it's a Buc-ee's or [QuikTrip] or RaceTrac, going up against legacy stores across the street,' said Lawshe. 'And those legacy stores, they just go in the tank.'
The Guardian
27-03-2025
- Politics
- The Guardian
Italian government approved use of spyware on members of refugee NGO, MPs told
The Italian government approved the use of a sophisticated surveillance tool to spy on members of a humanitarian NGO because they were allegedly deemed a possible threat to national security, MPs have heard. Alfredo Mantovano, a cabinet undersecretary, made the admission during a classified meeting with Copasir, the parliamentary committee for national security, according to a person familiar with the situation. Copasir is investigating whether the secret services breached the law in using Graphite, military-grade spyware made by Israel-based Paragon Solutions, to monitor activists and journalists, and is expecting to report on its finding soon. Giorgia Meloni's government has been under pressure to address the case since January, when a handful of Italian activists and a journalist received warnings from WhatsApp, the messaging app owned by Meta, that their phones had been targeted by spyware. The government initially denied involvement, but Mantovano, who oversees the intelligence services, told the committee that the spyware had targeted Luca Casarini and Giuseppe Caccia, the founders of Mediterranea Saving Humans, an NGO that tries to protect refugees who cross the Mediterranean. He said the spyware was approved by the government and the attorney general of Rome's court of appeal, and that the intelligence agencies used the surveillance system within the parameters of the law in order to conduct a 'preventive' investigation into illegal immigration. He denied the spyware was used to target Francesco Cancellato, the editor-in-chief of the Italian news outlet Fanpage. Mantovano's assertions, which were first reported by La Repubblica, have so far not been denied by the government. Paragon suspended its relationship with Italy when the breaches emerged, a person familiar with the matter told the Guardian. The company's spyware is intended for use on criminals. Mediterranea Saving Humans said it was informed about Mantovano's claims by journalist sources, adding in a statement that the 'secret operation worthy of a regime' had been 'unmasked to the world'. In addition to the Copasir inquiry, prosecutors in five cities, including Rome, Palermo, Naples, Bologna and Venice, are investigating claims after complaints were submitted by targets of the alleged spyware breach, who include Mattia Ferrari, a priest, and David Yambio, a humanitarian activist, both of whom have worked with Mediterranea Saving Humans. 'Five prosecutors are investigating and we trust someone will have the courage to get to the bottom of it and demonstrate, as is clear, that this is an abuse of power and nothing else,' Mediterranea Saving Humans added.
The Guardian
20-03-2025
- Business
- The Guardian
Australian government agencies could be customers of Israeli spyware, research suggests
Australian government agencies could be customers of military-grade spyware from Israeli firm Paragon Solutions, a new report suggests. In January, Meta revealed more than 90 people, including journalists, had their WhatsApp compromised by the software, although it is unknown if any Australians were targeted. In a report published by the Citizen Lab on Wednesday, the group identified two IP addresses located in Australia among countries where the company's Graphite spyware tool was suspected to have been used. Citizen Lab had received a tip which they believe allowed Paragon's server infrastructure to be mapped. The software can provide full access to the instant messaging apps on a user's device. The service is only sold to governments around the world. It is not sold to private enterprises. Sign up for Guardian Australia's breaking news email Neither of the Australian domains listed in the report show any records of having being owned before, according to a who-is domain search conducted on the two sites listed. The domains could have been used by any federal or state agency. Sources have told Guardian Australia that the Department of Home Affairs and Australian Signals Directorate have no links to Paragon Solutions. When asked if Paragon had Australian customers, or if the software had been used to target Australians, the company did not directly respond to the question. 'Paragon's mission is to support national security and law enforcement agencies, in full accordance with applicable laws and regulations, in their fight against serious crime and terrorism while minimising the impact on privacy,' the company's executive chairman, John Fleming, said. 'Paragon maintains a robust due diligence framework to vet customers, ensuring they operate within democratic systems and that their law enforcement and intelligence agencies have the proper legal framework to use our tools. We have a zero-tolerance policy for customers who violate our terms of service, and a proven track record of enforcing those rules.' If the Australian government is a customer there is no suggestion by Citizen Lab in their report that they have misused it or violated Paragon's terms of service. The Citizen Lab report came after WhatsApp owner, Meta announced in January it had 'high confidence' that 90 journalists and other members of civil society had been compromised on the messaging platform, after being targeted by spyware owned by Paragon Solutions. WhatsApp had sent Paragon a cease and desist letter and said it was exploring its legal options. The company alerted those who had been targeted at the time. Sign up to Breaking News Australia Get the most important news as it breaks after newsletter promotion When asked whether Australians were targeted, Meta declined to comment further. An Italian investigative journalist, Francesco Cancellato, who is known for exposing young fascists within prime minister Giogia Meloni's far-right party, came forward after receiving a notification from WhatsApp about the attack. Paragon Solutions terminated its contract with Italy after the revelations. Meloni's office denied that domestic intelligence services or the government were behind the alleged breaches against the journalist and activists. Citizen Lab, based at the University of Toronto, are specialists at researching cyber and surveillance techniques.
