Whoops, it made it a reply to you! Anyway, lots of text upcoming…
Fanpage (the Italian investigative news outlet) wrote an article about the hack, including the message received from Whatsapp. Also on techcrunch in English & more of the message:
“This is a message from WhatsApp,” read the message in Italian, which was obtained by TechCrunch. “In December, WhatsApp interrupted the activities of a spyware company which we believe attacked your device. Our investigations indicate that you may have received a harmful file via WhatsApp and that the spyware may have resulted in accessing your data, including messages saved on the device.”
“We have made changes to prevent this specific attack from happening again. However, your device’s operating system may remain compromised due to the spyware,” continued the message.
It appears it isn’t the entire message however, as later this is stated.
WhatsApp’s message to Cancellato suggested he could contact Citizen Lab …
Spyware maker Paragon confirms US government is a customer:
Paragon’s executive chairman John Fleming said in a statement to TechCrunch on Tuesday that “Paragon licenses its technology to a select group of global democracies — principally, the United States and its allies.”
Fleming also said that Paragon “requires that all users agree to terms and conditions that explicitly prohibit the illicit targeting of journalists and other civil society figures. We have a zero-tolerance policy against such targeting and will terminate our relationship with any customer that violates our terms of service.”
Ynetnews reported on Monday that Italy is a Paragon customer.
Italy says seven people targeted by spyware on WhatsApp
https://www.reuters.com/world/italian-sea-rescue-activist-targeted-with-spyware-according-meta-alert-2025-02-05/
In a statement, Meloni’s office said the cybersecurity agency was informed by WhatsApp, via a law firm, about seven confirmed cases in Italy, but was not told the names of the people affected, “to protect their privacy.”
ACN was also told that spyware was found among WhatsApp users in other European Union nations, namely Belgium, Greece, Latvia, Lithuania, Austria, Cyprus, Czech Republic, Denmark, Germany, Netherlands, Portugal, Spain and Sweden.
Prime Minister Giorgia Meloni’s office said it asked the National Cybersecurity Agency to look into the affair, while denying any involvement, after …
Agenzia per la Cybersicurezza Nazionale (ACN; Italian: National Cybersecurity Agency) is an Italian government agency.
The countries listed are based on the phone numbers’ country codes.
Reminder: “targeted around 90 users … [WhatsApp] said that the targets were in over two dozen countries, including several in Europe.” Separately: “a person close to [Paragon] said it had about 35 government clients, which the person described as democratic governments.” More than 24 countries, and now here are 13 European countries listed… I think that a country does not necessarily respond to a client. E.g. one of the public targets was a Swedish-based critic of Italy-Libya migration pact. But at the same time, in 2022 Pegasus Spyware Maker NSO had active contracts with 12 of the 27 European Union members.
Paragon Solutions … has terminated its client relationship with Italy, according a person familiar with the matter.
The person familiar with the matter, who spoke to the Guardian on the condition of anonymity, said Paragon had “out of an abundance of caution” initially suspended the Italy contract when the first allegation of potential abuse of the spyware emerged last Friday. The decision to fully terminate the contract, the person said, was made on Wednesday after Paragon determined that Italy had broken the terms of service and ethical framework it had agreed under its Paragon contract.
No longer speculation that Italy is a customer but confirmed it seems like.
Paragon demands Italy responds to the allegation, hints Paragon may believe Italy has lied. Paragon has two Italian clients (law enforcement & intelligence). (linked article requires registration to read. Also, this is the relevant Citizen Lab researcher and they have been consistently posting about this story on their twitter.).