On Monday, the Biden administration announced that six new countries had joined an international coalition to combat the spread of commercial spyware, sold by companies such as NSO Group or Intellexa.
Now, some investors have announced that they, too, are committed to fighting spyware. But at least one of those investors, Paladin Capital Group, has previously invested in a company that developed malware, according to a leaked 2021 slide deck obtained by TechCrunch, though the firm tells TechCrunch it “exited” the company at some point before.
Over the past two years, the US government has led an effort to curb or at least limit the use of spyware around the world, putting surveillance technology makers such as NSO Group, Candiru and Intellexa on blacklists, as well as imposing export controls on those companies and visa restrictions on people involved in the industry. More recently, the government imposed financial sanctions not only on companies, but also directly on the executive who founded Intellexa. These actions have alerted others in the spyware industry.
In a call with reporters Monday that TechCrunch participated in, a senior Biden administration official said a representative from Paladin participated in meetings at the White House on March 7, as well as this week in Seoul, where governments gathered for the Summit for Democracy to discuss spyware.
Paladin, one of the largest investors in cyber startups, and several other venture firms published a set of voluntary investment principles, noting that they will invest in companies that “advance the defense, national security, and foreign policy interests of free and open societies.”
“For us, it was an important first step in having an investor outline both the recognition that investment should not be directed at companies selling products or selling to customers that can undermine free and fair societies,” said the senior administration official on the call, where reporters agreed not to name the officials.
To hear some of these investors talk, you’d think that spyware has no place in a free and open society.
In an interview with TechCrunch, Michael Steed, founder and managing partner at Paladin, explained the company’s thought process when considering investing in a cybersecurity company. “Could this technology be used in commercial spyware?” he asked rhetorically. “We review these technologies in a way that seeks to protect the economic, national security, and foreign policy interests of a free and open society.”
However, in the past, Paladin invested in Boldend, a little-known offensive cybersecurity startup founded in 2017 and based in California.
Among several other products, Boldend claims to have developed an “all-in-one malware platform” called Origen, which “allows for the easy creation of any piece of malware for any platform,” according to the leaked slide deck.
Boldend advertised Origen as “capable of automating any possible attack” against Windows, Linux, Mac and Android devices, describing Origen informally as a “device management tool”. In another slide, Boldend said a future goal of Origen was to perform “auto-compromise, lateralization, and forensic abstraction.”
In other words, this is Boldend’s platform for hacking and extracting data from someone’s device.
Steed said Paladin is no longer investing in Boldend, although he declined to explain why. Steed did not respond to follow-up questions trying to clarify how Paladin’s relationship with Boldend ended.
“He didn’t do what we wanted him to do. So we got away from it,” Steed told TechCrunch.
Boldend did not respond to a request for comment. The startup’s website is straightforward and says little about what the company does. When reached by TechCrunch in October 2023, Boldend board member Mike Barry, now listed on LinkedIn as the company’s CEO, said the startup was “very much alive and well.”
In the leaked slide deck, Boldend claims to have sold its “ammunition and cyber expertise” to Raytheon, Novetta, FEDDATA, the Department of Defense, the US Government Command and, more broadly, the intelligence community. Boldend also said it received funding from Founders Fund, the massive venture capital firm led by Peter Thiel, and Gula Tech Adventures.
The leaked slides describe several different products. In addition to Origen, there is Kevlar, an automated platform for implant analysis; Hedgemaze, a confusing traffic routing platform for infrastructure management; and Cricket, a portable hardware platform for launching Wi-Fi-based attacks.
Boldend states in the slides that it hoped to develop software for “full turnkey cyber operations,” such as offensive cyber capabilities, electronic warfare and signals intelligence; US government-sanctioned hack-back services; and an AI platform “for dynamic identification, exploitation, infrastructure creation, as well as creation of online personas to perform a variety of intelligence tasks while maintaining forensic integrity,” including creating and spreading “fake news with social media”.
In one of the slides, Boldend claims to have developed tools to gain “remote access to all WhatsApp on all Androids.” The company said it spent a year developing this capability, but was “burnt by an update.” The New York Times first reported Boldend’s creation of the WhatsApp tool.
Gula Tech, which also invested in Boldend, also signed the principles and commitments published by Paladin. Ron Gula, the president and co-founder of Gula Tech, declined to comment for this article.
Gula Tech and Paladin’s investment in Boldend — essentially a US-based exploit and hacking software company — and the two investment firms’ commitment not to invest in spyware companies may seem at odds. But the investors’ pledge leaves the door open to investing in certain companies if they serve the interests of the United States and “free and open societies.”
Just how far do these principles extend as they relate to other countries that are close allies of the United States but with histories of potential human rights abuses? Does this mean, for example, that Paladin would not invest in companies based in Saudi Arabia or companies in Israel? Steed would not commit to an immediate answer.
“If you talk to Israel, you talk to Saudi Arabia, they would tell you that they are free and open societies and that they are allies of the United States. We are still very cautious. Whether it’s Israel, Saudi Arabia, France or Germany, we’re still very careful about what we invest in,” said Steed. “To make sure we don’t violate the concept of a free and open society.”
What a free and open society means, and where that red line lies, seems to be something only investors know.