Israeli Spyware That Can Hack Encrypted Apps Now in Hands of ICE

Report Issue

Please complete the required fields.

Your Name

Email

Reason (required)
This post contains broken linksPost has incorrect informationPost has spamCopyright IssueOther

Description

Submit

US immigration agents will have access to one of the world’s most sophisticated hacking tools after a decision by the Trump administration to move ahead with a contract with Paragon Solutions, a company founded in Israel which makes spyware that can be used to hack into any mobile phone – including encrypted applications.

The Department of Homeland Security first entered into a contract with Paragon, now owned by a US firm, in late 2024, under the Biden administration. But the $2m contract was put on hold pending a compliance review to make sure it adhered to an executive order that restricts the US government’s use of spyware, Wired reported at the time.

That pause has now been lifted, according to public procurement documents, which list US Immigration and Customs Enforcement (Ice) as the contracting agency.

It means that one of the most powerful stealth cyberweapons ever created – which was produced outside the US – is now in the hands of an agency that has repeatedly been accused by civil and human rights groups of violating people’s due process rights.

The story was first reported by the journalist Jack Poulson on his All-Source Intelligence Substack newsletter.

Neither Paragon nor Ice immediately responded to a request for comment.

When it is successfully deployed against a target, the hacking software – called Graphite – can hack into any phone. By essentially taking control of the mobile phone, the user – in this case, Ice – can not only track an individual’s whereabouts, read their messages, look at their photographs, but it can also open and read information held on encrypted applications, like WhatsApp or Signal. Spyware like Graphite can also be used as a listening device, through the manipulation of the phone’s recorder.

An executive order signed by the Biden administration sought to establish some guardrails around the US government’s use of spyware. It said that the US “shall not make operational use of commercial spyware that poses significant counterintelligence or security risks to the United States government or significant risks of improper use by a foreign government or foreign person”. The Biden administration also took the extraordinary step of placing one of Paragon’s rival spyware makers, NSO Group, on a commerce department blacklist, saying the company had knowingly supplied foreign governments to “maliciously target” the phones of dissidents, human rights activists and journalists.

Paragon has sought to differentiate itself from NSO Group. It has said that, unlike NSO – which previously sold its spyware to Saudi Arabia and other regimes – that it only does business with democracies. It has also said it has a no tolerance policy and will cut off government clients who use the spyware to target members of civil society, such as journalists. Paragon refuses to disclose who its clients are and has said it does not have insight into how its clients use the technology against targets.

Spyware makers like Paragon and NSO have said their products are intended to be used to prevent crime and terrorist attacks. But both companies’ software has been used in the past to target innocent people, including individuals who have been perceived to be government enemies.

John Scott-Railton, a senior research at the Citizen Lab at the University of Toronto, who is one of the world’s leading experts on cases in which spyware like Graphite has been abused by governments, said in a statement that such tools “were designed for dictatorships, not democracies built on liberty and protection of individual rights”.

“Invasive, secret hacking power is corrupting. That’s why there’s a growing pile of spyware scandals in democracies, including with Paragon’s Graphite,” he said, referring to a controversy in Italy that erupted late last year.