Topics

later

AI

Amazon

Article image

Image Credits:Bryce Durbin/TechCrunch

Apps

Biotech & Health

Climate

An illustration of a smartphone with a surveilling eye on the screen, with Barcelona’s Sagrada Familia in the background.

Image Credits:Bryce Durbin/TechCrunch

Cloud Computing

Commerce

Crypto

an aerial view from a distance of the Sagrada Familia in the evening light in Barcelona, Spain.

View of the Sagrada Familia in the evening light in Barcelona, Spain, on October 19, 2024.Image Credits:Joan Valls/Urbanandsport/NurPhoto / Getty Images

Enterprise

EVs

Fintech

Fundraising

gismo

Gaming

Google

Government & Policy

Hardware

Instagram

layoff

Media & Entertainment

Meta

Microsoft

Privacy

Robotics

surety

societal

Space

startup

TikTok

deportation

speculation

More from TechCrunch

consequence

Startup Battlefield

StrictlyVC

Podcasts

Videos

Partner Content

TechCrunch Brand Studio

Crunchboard

adjoin Us

Toward the conclusion of 2023 , an Israeli security investigator from Tel Aviv say that he was approach on LinkedIn with an opportunity to work overseas with “ beneficial salary . ” He said that the company ’s HR department tell him that it was a “ logical ” vile security company that was commence from scrape in Barcelona , Spain .

But during the whole recruiting process , the researcher recounted to TechCrunch , thing felt a bit off .

“ The whole secrecy was very uncanny . Some employees that question me did n’t use their full figure , they take on super long to reveal where the party even is , permit alone its name . Why is it such a secret if everything ’s legit ? ” the research worker distinguish TechCrunch . “ It seems like a company that might get sanction in the future , and thing might get lousy . ”

When he verbalize to the troupe ’s chief applied science officer , the research worker said that he was tell something along the contrast of , “ We will only have legit client and unlike other companies wo n’t deal to fishy nations . ”

Alexey Levin , the hiring CTO and a former research worker at the sanctioned spyware maker NSO Group , secern the research worker that the fellowship trying to rent him was called Palm Beach Networks and that it develops everything from the zero - day exploits used for compromising devices to the spyware implant itself , referring to the surveillance software that gets instal on a target ’s gimmick , according to the researcher .

The investigator said that Levin also told him that Palm Beach Networks had at least one U.S. governing customer . ( Levin did not respond to a petition for scuttlebutt . )

But why found a spyware startup in Barcelona , which just years earlierwas at the center of a astray - reaching political scandalwhere Spanish political science functionary used spyware to target local political leader who pushed for independence ? The researcher tell that company employees separate him that it was because dwell in the urban center is alike to exist in Israel , that there aregood taxation benefitsand good weather .

Those are some of the reasons why in the last couple of years , Barcelona has become an unlikely hub for spyware companies , concord to multiple the great unwashed who work in the sickening cybersecurity industry who spoke with TechCrunch , as well as clientele record we have see .

Having Barcelona become a of the essence regional outpost for offensive cybersecurity company puts the spyware job foursquare on the threshold of Europe , which hasa techy relationship with surveillance technical school , due to dirt inCyprus , Greece , Hungary , andPoland — all involve Israeli spyware Creator .

“ It is a occupy development if a major city in Europe becomes a hub for spyware makers , ” Natalia Krapiva , the effectual counsel at non-profit-making Access Now , which specializes in investigate and research spyware , told TechCrunch . Krapiva said that the spyware business organization “ goes script in paw with corruption and vilification of power . ”

“ Spanish citizens , media , and policymakers should be cautiously scrutinizing these businesses in price of whether their operations are ordered with national and EU law and whether the Spanish government activity may be involved in ill-treat their surveillance tools , especially given Spain ’s history with Pegasus , ” said Krapiva .

John Scott - Railton , a senior researcher at the Citizen Lab , where he and his workfellow have for more than a decennary investigated abuses carry out with spyware tools , also express concern . Scott - Railton noted that in the past , there have been case of spyware revilement not only against human right activists and protester in nondemocratic countries like Ethiopia and Saudi Arabia , but also against U.S. diplomatsand targeted individual , including politicians and citizens within Europe ’s borders .

“ This will add fuel to the fire of Europe ’s spyware crisis . If experience is a pathfinder , it ’s only a matter of clock time before this tech winds up used by customers against Spain ’s ally and EU partner , ” Scott - Railton differentiate TechCrunch . “ Governments that allow this manufacture to flourish take a gamble with their own hole-and-corner capacity and human capital . These capableness tend to drain outwards , admit to potential future opponent , once freelance spyware and exploit developers come to townsfolk and start charter . ”

Sun, seafood, and spyware

aside from Palm Beach Networks ( as it was known at the clip ) , Barcelona is dwelling house to several other effort and spyware makers that are also making the most of the city ’s cheery , temperate weather , fresh seafood , and vivacious expat residential district .

Among them are Paradigm Shift , which was founded by former employees of Variston inthe consequence of the ship’s company ’s collapse last twelvemonth ; and Epsilon , which is led by Jeremy Fetiveau , an industriousness veteran who used to work for a division within U.S. defense giant L3Harris that was create after the party acquired the Australian inauguration Azimuth . Fetiveau did not return a petition for comment .

The city is said to also be home to an unnamed group of Israeli researchers who motivate to Barcelona from Singapore to make for on developingzero - dayexploits . The cosmos of this unnamed team as well as Epsilon ’s presence in Barcelonawas first reported by Israeli newspaper Haaretz , whose article set off coverage inlocalnewspapersand newswebsites .

Šekularac did not react to a request for comment prior to publication . In a late email , Šekularac said , “ SAFA unequivocally denies any involvement with spyware . Our focus is entirely on provide inquiry and terror Intelligence services to our clients , which are exclusively distinct from the development or utilisation of spyware . ” Šekularac added : “ SAFA has no employees with prior connections to spyware companies , and this affirmation misrepresents our team ’s professional backgrounds and integrity . ”

These zero - Clarence Shepard Day Jr. and spyware companies are part of a all-encompassing cybersecurity and startup ecosystem in Barcelona . As of last year , grant to the Catalan regional government activity , there were more than 10,000 hoi polloi working for more than 500 cybersecurity company in Barcelona , or around 50 % more prole than five years earlier .

Barcelona is n’t just a hotbed for surveillance technical school makers but startups in general , withsomerankingthe city among the top startup hubs in Europe . The city is the founding home base for food delivery startup Glovo , which competitor Delivery Hero valued at€2.3 billion in 2021when it acquired a bulk stakes in the Catalan party ; orthodontics startup Impress , whichraised $ 125 million in 2022and$114 million in 2024 ; and business travel management platform TravelPerk , whichraised $ 104 million in 2024 . These are among more than 2,200 other inauguration , accord to the Barcelona and Catalonia Startup Hub , a local politics project that tracks the inauguration ecosystem in the realm .

The city is attractive to prole because itscost of support is cheaperthan other European inauguration hubs like London , Amsterdam , and Berlin . Then there ’s the perhaps more obvious reasons , at least for anyone who ’s been to Barcelona : The city has nice beaches , standardized to Tel Aviv , Cyprus , and Greece , places that are or were rest home to spyware company likeNSO Group , Circles , andIntellexa .

There are also other reason , apart from the metropolis ’s attraction , that have brought Israeli security researchers in particular to Barcelona . As Haaretz reportedat the oddment of December 2024 , Israel has become more restrictive in granting permission to export spyware to other countries in the aftermath of the scandals involving NSO Group , leaving the doorway subject for troupe to move overseas . It is now more difficult for companies to export spyware from Israel to the rest of the reality , including the European Union , than from within the bloc itself .

One mortal told Haaretz that this process is not “ emigration to Spain , it ’s expulsion to Spain . ”

While Paradigm Shiftis openly advertising itselfas an offensive cybersecurity companionship , with line of work itemization for roles that jibe this type of clientele , other troupe are n’t as diaphanous , just like Variston used to be . Paradigm Shift is maneuver by Leone Pontorieri , agree to the caller ’s patronage records , as well as Filippo Roncari and Simone Ferrini , according to their public LinkedIn profiles . The three were part of an Italian inauguration that was acquired by Variston in 2018 , when the company set up in Barcelona , and one of the first spyware company to countersink up its operation in the Catalan city .

In an electronic mail , Pontorieri told TechCrunch that Paradigm Shift is “ a new established and entirely main entity ” founded by former Variston security researchers , but that Paradigm Shift has “ no connectedness , affiliation , or tie — direct or indirect ” with Variston ’s business concern .

As for Paradigm Shift ’s operations , Pontorieri suppose that the party serves “ a various client foundation , rank from big enterprises to law enforcement agencies , depending on the specific avail required , ” without providing specific . Pontorieri said that the inauguration ’s decision to found Paradigm Shift in Barcelona was not for reasons of exportation control regulations , but rather because of the city ’s appeal , which “ provides a vibrant environment for everyone ” and has the sum up benefit of “ facilitating enlisting . ”

A stealthy startup with many names

Palm Beach Networks has so far avoided any public claim of involvement in human rightfield ill-treatment , unlike spyware makers NSO Group , and before it Hacking Team and FinFisher , have in the past . But the party does have an intriguing chronicle of changing name , a scheme thatother spyware seller have antecedently used to mask their corporate ownership . Israeli spyware makers Candiru rebrandedseveral timesbefore the company wasadded to the U.S. administration ’s trade ban listin 2021 , and NSO itself hada complex corporal structure .

The name Palm Beach Networks “ was a piece close and only articulate by Levin and others at tardy degree , ” according to the Israeli researcher .

As it turns out , Palm Beach Networks may already be an obsolete name , and the 2nd iteration of a startup with a dissimilar identicalness .

A company called Defense Prime Inc. became Palm Beach Networkson May 11 , 2023 . On June 16 , 2023 , a party called Head and Tailstarted operationsin Barcelona . Then on June 28 , 2024 , Palm Beach Networkswas dissolved , grant to business record book file away in Florida and Spain .

Defense Prime and Palm Beach Networks appear to be linked to Head and Tail due to overlapping executive director and key figures .

A mortal mention Sai Gopalis listedas Head and Tail ’s authorized signatory in Spanish business records , and someone with the same name waslisted as the treasurerof Defense Prime in Florida business records . Gopal could not be reach for comment .

Business recordsalso show Levin , the CTO who try out to hire the Israeli security measure researcher for Palm Beach Networks , is the director of Head and Tail . Representatives from Head and Tail did not refund TechCrunch ’s request for commentary .

A current executive at a spyware Jehovah , who need to remain anonymous , narrate TechCrunch that Levin works at Palm Beach Networks . antecedently , the executive director aver , Levin was an early developer at NSO Group , and then also worked at Candiru .

On its prescribed website , Head and Tail makes no explicit reference of the fact that it develops surveillance engineering science but or else order it address “ a 10000 of cybersecurity issues , including threat tidings , vulnerability assessments , security cognisance preparation , and incident reply . ” The society has business listings for Barcelona , Madrid , and Sevilla .

In the ending , the Israeli research worker turn down the prospect to work at Palm Beach Networks , even though the great unwashed he bed tell him the company pays some of its employee eye - watering salary that vastly exceed the res publica ’s gross annual average .

The researcher say he was worried he may end up like some NSO Group ’s employees , who have had to deal with the fallout from human right scandal , Facebookblocking and deleting their personal history , and the U.S. governmentthreatening to refuse their visas .

“ I could get just enough money elsewhere and not have to occupy about what will happen or who I ’m working for , ” said the researcher , “ especially when I feel they are n’t a transparent company and I would n’t know who the customers are . ”

Updated with comment from Paradigm Shift ’s Pontorieri ; and added answer from SAFA ’s Šekularacand elucidate the paragraph about the researchers ’ body of work experience at sickening security companionship .