How Barcelona became an unlikely hub for spyware startups
Toward the end of 2023, an Israeli security researcher from Tel Aviv said that he was approached on LinkedIn with an opportunity to work abroad with “good pay.” He said that the company’s HR department told him that it was a “legitimate” offensive security company that was starting from scratch in Barcelona, Spain.
“The whole secrecy was very weird. Some employees that interviewed me didn’t use their full names, they took super long to reveal where the company even is, let alone its name. Why is it such a secret if everything’s legit?” the researcher told TechCrunch. “It seems like a company that might get sanctioned in the future, and things might get dirty.”
When he spoke to the company’s chief technology officer, the researcher said that he was told something along the lines of, “we will only have legit customers and unlike other companies won’t sell to shady nations.”
Alexey Levin, the hiring CTO and a former researcher at the sanctioned spyware maker NSO Group, told the researcher that the company trying to hire him was called Palm Beach Networks, and that it develops everything from the zero-day exploits used for compromising devices to the spyware implant itself, referring to the surveillance software that gets installed on a target’s device, according to the researcher.
/cdn.vox-cdn.com/uploads/chorus_asset/file/25081901/Polestar_Day_Daniel_Golson_50.jpg)
