In our first investigation into Israel-based spyware company, Paragon Solutions, we begin to untangle multiple threads connected to the proliferation of Paragon's mercenary spyware operations across the globe. This report includes an infrastructure analysis of Paragon’s spyware product, called Graphite; a forensic analysis of infected devices belonging to members of civil society; and a closer look at the use of Paragon spyware in both Canada and Italy.
In a joint investigation with The First Department, The Citizen Lab uncovered spyware covertly implanted on the phone of a Russian programmer following his release from Russian custody. The Monokle-like spyware allows an operator to track the device’s location, record phone calls, keystrokes, and read messages from encrypted messaging apps.