ICE Acquires Israeli-Made Spyware Capable of Hacking Phones and Encrypted Apps

Following the Trump administration’s decision, US immigration agents now have access to one of the most advanced hacking tools available globally, having secured a contract with Paragon Solutions, a company based in Israel, to develop spyware capable of infiltrating any phone, including encrypted applications.

The Department of Homeland Security initially established a contract with Paragon, a subsidiary of a US firm, in late 2024 during the Biden administration. However, this $2 million contract was suspended pending confirmation of an executive order that limits the application of US government spyware, as reported by Wired at that time.

According to recent updates, the suspension has been lifted. Public Procurement Documents now identify US Immigration Customs Enforcement (ICE) as the contracting agency.

This signifies that one of the most potent stealth cyber weapons ever engineered—created outside the United States—now resides with agencies that have been repeatedly accused of violating due process rights by private sectors and human rights organizations.

This information was first highlighted by journalist Jack Paulson in the All Source Intelligence Saback Newsletter.

Neither Paragon nor ICE immediately responded to inquiries for comments.

Once effectively utilized against a target, the hacking software known as Graphite can infiltrate any phone. By essentially gaining control over the device, users (in this instance, ICE) can monitor an individual’s location, access messages, view photos, and even read data stored in encrypted applications like WhatsApp and Signal. Additionally, spyware such as Graphite can function as a listening device by activating the phone’s recorder.

An executive order signed by the Biden administration sought to implement restrictions on the use of spyware by the US government, asserting that it must refrain from operating commercial spyware that poses significant risks to intellectual property or security concerns for the US, or creates a substantial risk of inappropriate usage by foreign entities. The Biden administration even took the extraordinary step of blacklisting rival spyware manufacturer NSO Group, underlining their alleged facilitation of targeted attacks on the mobile phones of adversaries, human rights defenders, and journalists.

Paragon aims to differentiate itself from NSO Group, stating that it exclusively engages with democratic entities and has a strict policy against providing services to clients that may misuse the technology against civil society members, such as journalists. Paragon has yet to disclose its clients, claiming no insight into how its clientele may target particular individuals.

Spyware developers like Paragon and NSO assert that their technologies are intended for preventing crime and curtailing terrorist threats. Nevertheless, past incidents have showcased the software being misused to harass innocent individuals, including those perceived as opponents of the government.

John Scott Railton, a senior researcher at the University of Toronto, stated that spyware like Graphite is being exploited by governmental bodies. He remarked that such tools are “designed for dictatorship, not democracies that prioritize freedom and individual rights.”

“The invasive and secretive nature of hacking abilities is corrupting. Consequently, a growing number of democratic surveillance scandals, including those involving Paragon’s Graphite, are emerging,” he added.

Paragon severed ties with Italy after it was uncovered that 90 individuals, including journalists and civil society figures, had been targeted with spyware across multiple countries. Those targeted by the Italian government included rights advocates critical of its dealings with Libya. Several journalists were also among those targeted, yet the motivations behind these hacking campaigns remain unclear.

The US government is apprehensive about deploying spyware technology outside its borders, as the companies providing these technologies to various nations pose potential security threats.

“As long as the same commercial spyware technology is shared among multiple governments, a built-in counterintelligence risk is present. All these entities are aware of the secret surveillance technologies employed by the US and can anticipate how to detect and counteract them,” Scott Railton remarked. “We remain uncertain of the implications since we face a shortage of avenues to cancel all foreign contracts with Paragon.”

Nadine Farid Johnson, the policy director at Columbia University’s Knight First Amendment Institute, dedicated to promoting free speech, expressed concerns over the “rapid and dramatic expansion of ICE’s budget and authority,” calling for congressional restrictions on the contexts in which spyware may be employed.

“Spyware like Paragon’s Graphite represents a profound threat to free speech and privacy,” Farid Johnson stated. “It has been previously used against journalists, human rights advocates, and political dissenters. The quiet reinstatement of the suspension order raises serious questions over whether certain administrative departments are bypassing the government’s own review protocols.”