The United States Creates a Company to Spy on WhatsApp and Signal

In recent weeks we have seen a new scandal surrounding the Israeli company NSO Group . The company offers its Pegasus system to governments and government agencies to carry out espionage tasks taking advantage of unpatched zero-day vulnerabilities in the apps we use every day. Two years ago they successfully managed to spy on WhatsApp for a few weeks, where more than 50,000 cell phones of politicians, activists and big businessmen were attacked. Now, the United States is going to create its own similar company.

This company is called Paragon Solutions . It has no website, and there is hardly any information about it. Its more than 50 workers , however, are on LinkedIn. The company is based in Tel-Aviv , but the funding they receive is from the United States, probably because the country does not want to be linked to the hacks they are going to carry out.

The United States Creates a Company to Spy on WhatsApp and Signal

Paragon Solutions: designed to spy on WhatsApp

Its co-founder is Ehud Schneorson , a former commander of Unit 8200, the Israeli equivalent of the NSA. The rest of the co-founders also belong to Israeli intelligence, and there are also people who have worked at NSO. The company has received between 5 and 10 million euros from an American financier called Battery Ventures. This company has made large and successful investments in the past, with companies like Coinbase, Groupon, Splunk, SkullCandy, and Niantic.

The company has a clear goal: spy . They claim that they can give the police power to remotely access encrypted messaging applications , such as WhatsApp or Signal , but they also claim to be able to access Facebook Messenger and even Gmail . That access would also be permanent, since it would be resistant to reboots.

These types of companies represent a danger worldwide. Very few countries can have the resources to create a top-level hacking group, like China, the United States, or Russia . However, there are many countries that do have the money, but not the human capital. Therefore, they only have to pay these companies to be able to carry out their own attacks. NSO Group affirms that it does not work with undemocratic governments, but that has been seen to be a lie because they have worked, for example, with Saudi Arabia.

Paragon, at the moment, has no clients. However, the company claims the same as the NSO Group : that it will only sell its products to countries that respect international laws and respect fundamental rights and freedoms. Authoritarian or undemocratic governments will never be your clients.

The dangers of private spy companies

Paragon’s operation seems to be something different with respect to NSO Group, where the latter sought to hack entire mobiles. Paragon will focus on spying on mobile messaging. In addition, the company seems to be working with the United States for the time being, where they are already looking for clients.

John Scott-Railton, principal investigator of the Citizen Lab of the Munk School of the University of Toronto, affirms that the same mistakes cannot be made, and it is necessary to analyze the company and its clients to the millimeter to see what objectives they have. Scott-Railton says that in the past there has been too much secrecy, and we just have to see how far that has taken us.

Currently there are other similar companies, such as Toka, which focuses on allowing authorities to access Internet of Things devices such as Amazon’s Echo speakers for forensic analysis or after a house raid. These types of companies are very dangerous, and need to be supervised.