An Italian political adviser was targeted with Paragon’s Graphite spyware, becoming the fifth Italian in the ongoing government surveillance activity.
Italian political adviser Francesco Nicodemo said he was targeted with Paragon’s Graphite spyware, becoming the fifth Italian in the ongoing government surveillance activity.
Graphite is an invasive, non-auditable spyware that covertly accesses sensitive phone data; experts say it violates human rights and should be banned.
Nicodemo is among 90 victims notified by WhatsApp about evidence linking their devices to Paragon spyware, according to a senior forensic researcher at Citizenlab, John Scott-Railton.
“While the Italian authorities acknowledged some of the cases, the pile of unexplained Paragon Graphite spyware cases is growing,” Scott-Railton said. “The theme of politics and elections getting targeted continues.”
Nicodemo is an Italian political consultant and digital communication expert who worked (2013-2014) with the Democratic Party during Matteo Renzi’s tenure as Prime Minister.
In January 2021, during the pandemic, Francesco Nicodemo founded the communication agency Lievito. The Italian media outlet FanPage reported that the agency works with numerous private companies, public institutions, and center-left political candidates, often those challenging incumbent mayors or regional presidents, or outsiders seeking strong voter support. Lievito managed 13 election campaigns.
Nicodemo discovered he had been infected with Paragon spyware. While in Vienna, he ignored a suspicious WhatsApp message and calls from a U.S. number, thinking it was a scam. Later, Citizen Lab’s John Scott-Railton contacted him, confirming the attack. Initially skeptical, Nicodemo realized it was real after reading Fanpage’s report about others being spied on.
Italy’s government admitted using Paragon spyware to surveil some of the known Italian victims, but denied spying on two Fanpage journalists who exposed Meloni’s links to young fascists in a June 2024 report.
The other victims admitted by the government to being surveilled with Paragon spyware include:
- Luca Casarini, founder of Mediterranea Saving Humans
- Giuseppe “Beppe” Caccia, also from Mediterranea Saving Humans
- Two immigration activists, confirmed by the Italian Parliamentary Committee (COPASIR)
In June 2024, Fanpage published a report uncovering Prime Minister Giorgia Meloni’s links to young fascist groups.
The government denied spying on two Fanpage journalists, Francesco Cancellato and Ciro Pellegrino, despite evidence that they were targeted.
“The Italian government has given some spyware targets clarity and explained the cases. But others remain troublingly unclear,” said John Scott-Railton. “None of this looks good for Paragon, or for Italy. That’s why clarity from the Italian government is so essential. I believe that if they wanted to, Paragon could give everybody a lot more clarity on what’s going on. Until they do, these cases are going to remain a weight around their neck,”
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
Pierluigi Paganini
(SecurityAffairs – hacking, surveillance)