NEW: turns out the EU helped finance a bunch of spyware companies with..public money. That's YOUR money if you live in Europe. Eou deserve to know that your money is fueling spyware companies like Paragon. image And if you aren't in Europe? There's a good chance that the mercenary spyware crisis is still fueled by your pensions & tax dollars. Whether it's Oregon public employees or Alaskans, Europeans or folks in South Yorkshire... The Fund managers stewarding your cash bear a heavy ethical responsibility for the harms they turbocharged. And they completely sidestep it. Now a group of MEPs from 4 EU political groups is calling for action & transparency. Good to see them leaning in... image It's great to see a cross-cutting call for action... image Kudos to these MEPs for standing up. But honestly, there should be many, many more.. image Here's the story:
European Investment Fund financed Israeli spyware company Paragon
Paragon's spyware has been used against activists by multiple governments.
PAY ATTENTION: The UK again asked Apple to backdoor iCloud encryption. Backdoors create a massive target for hackers & criminal groups. image Dictators will inevitably demand that Apple build the same access structure for them. They insert vulnerable bad things right at the place where we need the strongest protections. image This latest attempt to demand access is *yet another* unreasonable, secret demand on Apple (a TCN) from the Home Office....
Client Challenge
NEW: foreign mercenary spyware is coming to the US. ICE just quietly unsuspended contract with spyware maker #Paragon. They got caught this year being used to hack journalists. Friend, let me me bring you up to speed on why this is bad on multiple fronts. image YOUR BACKGROUND BRIEF: #Paragon was co-founded in Israel in 2019 by ex head of Israel's NSA equivalent (Unit 8200) w/ major backing from former Israeli PM Ehud Barak. Pitched themselves as stealthy & abuse-proof alternative to NSO Group's Pegasus. image The company has been trying to get into the US market for years. For a long time all we knew about Paragon was their performance as a 'virtuous' spyware company with values. image All that came to a crashing halt in 2025 when they got very caught, helping customers hack targets across #WhatsApp. WhatsApp did the right thing & notified users. image Almost immediately after the WhatsApp notifications, we started learning about the targets. They weren't the supposed serious criminals... They were Journalists... human rights defenders...groups working on sea rescues.. etc In other words, a very NSO-like scandal. image Ultimately Paragon & its Italian customer had a massive spyware scandal on their hands. WhatsApp wasn't the only player tracking paragon & doing user notifications. Apple got in on the game. Ultimately, we at the Citizen Lab had forensically analyzed cases from each notification round. image We testified to Italy's parliamentary intelligence oversight committee about our findings.
image image
The conclusion? Deeply unsatisfactory. Italy admitted hacking some targets, but denied hacking journalists. Tons of loose ends with Paragon. And they haven't been honest about who used their tech to hack journalists in Europe. BIG PICTURE: After 14 years investigating countless spyware companies, I tell you with confidence: Mercenary spyware is a power abuse machine incompatible with American constitutional rights and freedoms. Our legal system isn't designed for it, oversight mechanisms are woefully inadequate to protect our rights... Here's the thing. You probably know that mercenary spyware like #Pegasus gets sold to dictators. Who, predictably, abuse it. But We have a growing pile of cases where spyware is sold to democracies... and then gets abused. HISTORY LESSONS History shows: secret surveillance usually winds up abused. The history of the US is littered with surveillance abuses. Thing is, our phones offer an unprecedented window into our lives. Making zero-click mercenary spyware an especially grave risk to all our freedoms. If the government has wants access to your accounts for law enforcement...they have to prepare a judicially authorized request and send it to the company, which reviews it. Mercenary spyware bypasses any external review. And the whole industry behind it seeks maximum obscurity. COUNTERINTELLIGENCE THREATS? YEAH THAT TOO I'm concerned about the impact on our rights an dour privacy. But there's something else that should worry everybody about the choice to work with the company: Paragon poses a potentially grave counterintelligence threat to the US. Let me explain. When you use an integrated spyware package to conduct sensitive law enforcement / intelligence business, you have to place a lot of trust in them... If the developers originate from a foreign intelligence service that aggressively collects against the US government, that should be a huge red flag. America (or any country) should be maximally wary about using foreign-developed surveillance tech for the same reason that America shouldn't operate a Chinese-made stealth fighter. So, have Paragon's spyware, people & ops been aggressively vetted for technical and human counterintelligence risks? MERCENARY SPYWARE = FATE SHARING Paragon's #Graphite mercenary spyware shares the same downsides as other products in their class: ❌They keep getting caught We researchers aren't the only ones that have found techniques for tracking and identifying Paragon spyware... I'm sure hostile govs have too. image ❌Customers fate share. Since all customers roll the same tech, when one gets caught it impacts & potentially exposes everyones' activities. Now, that fate sharing will include US law enforcement activity. WHAT CAN YOU DO? What can you do? Take 5 minutes and call your member of Congress. Ask them to request a briefing on Paragon. They should ask whether the company was properly vetted & reviewed. What is the oversight mechanism for this maximally invasive technology? What are the guardrails? How would abuses be handled? Etc. PERSONAL SECURITY? Paragon & this category of spyware is fiendishly hard to track & defend against. And on a personal level? Apple's Lockdown Mode & Android Advanced Protection both offer some serious security benefits but neither is a silver bullet.. Unfortunately, as of right now I am pretty confident that no publicly available / commercially developed third party tool can reliably detect Paragon spyware either in realtime. Or retrospectively. Beware a false sense of security. If you got this far & found this post useful, let me know! Drop a comment. SELECTED READING LIST Exclusive: ICE reactivated its $2 million contract with Israeli spyware firm Paragon, following its acquisition by U.S. capital
Exclusive: ICE reactivated its $2 million contract with Israeli spyware firm Paragon, following its acquisition by U.S. capital
The cyber division of ICE's Homeland Security Investigations on Saturday quietly lifted a stop-work order put into place by the Biden administratio...
 Virtue or Vice? A First Look at Paragon’s Proliferating Spyware Operations
The Citizen Lab
Virtue or Vice? A First Look at Paragon’s Proliferating Spyware Operations - The Citizen Lab
In our first investigation into Israel-based spyware company, Paragon Solutions, we begin to untangle multiple threads connected to the proliferati...
 Graphite Caught First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted
The Citizen Lab
Graphite Caught: First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted - The Citizen Lab
On April 29, 2025, a select group of iOS users were notified by Apple that they were targeted with advanced spyware. Among the group were two journ...
Government‑mandated KYC to read is coming fast. And the walls of castle freedom are cracking. image