US-backed Israeli company's spyware used to target European journalists

Original Article ↗ Hacker News Discussion ↗

Headline focus and narrative framing

  • Some see the AP headline (“US‑backed Israeli company…”) as click‑driven and skewed, since the concrete operation was allegedly by Italian services against an EU journalist.
  • Others defend the framing: the noteworthy angle is US‑backed Israeli spyware being used against journalists, not an internal Italian matter, and headlines are necessarily lossy.
  • There’s disagreement over whether AP is broadly neutral infrastructure (wire service) or pushing a particular agenda.

Legitimacy vs abuse of commercial spyware

  • One camp argues there is “nothing inherently wrong” with selling offensive cyber tools to “Western” governments for law‑enforcement and counter‑terrorism, likening it to phone tapping.
  • Many others strongly reject this: history (PRISM, ECHELON, Pegasus cases, 5 Eyes) shows such tools are routinely turned against journalists, activists, and political opponents rather than rare “ticking bomb” threats.
  • Debate centers on unknown “denominator”: we see abuses because they surface; legitimate uses (if any) are mostly invisible.

Italy, fascism, and targeting journalists

  • Several comments characterize the current Italian governing coalition as “literal fascists,” linking the spyware use to an ideological crackdown on investigative reporting about far‑right youth groups.
  • Others ask for more evidence, distinguishing racism/antisemitism from full‑blown fascism and pointing to still‑intact judicial independence.
  • The core concern: a Western EU government allegedly deploying zero‑click spyware on foreign‑based journalists for exposing racism inside its ruling party.

Israeli spyware ecosystem and export ethics

  • Multiple commenters emphasize this is not a one‑off: Israeli firms (NSO, Paragon, etc.), often staffed by ex‑Unit 8200 personnel, have repeatedly sold tools to authoritarian clients who target journalists and dissidents.
  • Some push back that offensive tooling markets exist in many countries, not just Israel, and that focusing on Israel alone distorts the global CNE landscape.
  • Others counter with Citizen Lab and similar research: Israeli products appear disproportionately often on the phones of murdered or jailed dissidents, suggesting a systemic export problem, not mere bias.

Technical aspects and platform security

  • The Citizen Lab report is cited: Paragon’s Graphite used an iMessage zero‑click vector (CVE‑2025‑43200) apparently fixed in iOS 18.3.1. Details remain sparse due to the nature of high‑end exploits.
  • Discussion notes iOS’s “monoculture” makes a single exploit highly scalable; Android is also vulnerable but more fragmented.
  • Some criticize “security through obscurity” and argue no mainstream mobile OS can fully protect high‑risk targets from state‑grade implants.

Journalist OPSEC and practical defenses

  • There’s pessimism about what journalists can realistically do against zero‑click attacks: options boil down to minimizing phone use, splitting data across devices, or not carrying a phone at all.
  • Shared resources (digital security checklists, NGO training) are mentioned, but many stress that individual OPSEC cannot substitute for legal and political restraints on spyware vendors and state clients.

Law, outsourcing, and normalization of surveillance

  • Several comments tie this case to a broader pattern: powerful states outsource what is illegal or politically sensitive (torture, domestic spying) to “mercenary” partner states and private vendors.
  • Others argue that in practice cyberwar is almost lawless; without robust regulation and enforcement against these companies, abuses like journalist targeting will persist.