Peter Thiel-backed cyberwar contractor Boldend is taken over

BOldend, a secretive cybersecurity and hacking firm that works with U.S. military and intelligence agencies and is backed by billionaire investor Peter Thiel, has been acquired by Sixgen, a company that provides cyber tools to the U.S. government.

The news comes a year after Sixgen was acquired by private equity firm Washington Harbor, which plans to build a significant business in the “full spectrum” of the cyber industry, where companies provide both offensive and defensive services. Boldend and Sixgen declined to provide financial details about the acquisition.

Boldend focuses on automation, providing technology that can create security and hacking tools for various platforms. Report from New York Times in 2022 revealed that it once developed a hacking tool to exploit WhatsApp, and TechCrunch earlier this year reported on a leaked slide deck that revealed that Boldend was selling an “all-in-one malware platform” called Origen that “enables easy development of any malware for any platform.” The slides show that Boldend also offered an AI platform “to dynamically identify, exploit, build infrastructure, and create online personas to perform a variety of intelligence tasks while maintaining forensic integrity,” including creating and dispersing “fake news using social media.” In addition to its U.S. government contracts, the company also previously landed a deal with defense giant Raytheon.

Boldend CEO Mike Barry, a former senior CIA operative, said: Forbes the company has moved away from its Origen software, with its offensive operations focused on helping U.S. agencies attack foreign adversaries. It does offer a Wi-Fi hacking tool called Cricket that is “designed to easily launch known disruptive cyber operations,” according to Boldend’s website. Barry said its “primary” product is called Hedgemaze, a secure communications platform that can run “almost anywhere in the world, whether there’s infrastructure or not.” The company markets it as an operating system “that can be paired with a variety of communications infrastructures when more traditional methods of communication aren’t available.” It didn’t explain how it maintained communications in such environments.

“We are giving government consumers the ability to deploy offensive payloads overseas.”

“We are giving government consumers the ability to deploy offensive payloads overseas,” Barry said. Forbes(Payloads are a catch-all term for software exploits and malware.) “A lot of companies are wondering, ‘Can we hack into WhatsApp? Can we hack into Wickr, Signal? All of those things, that’s not what Boldend is doing today.’” Many surveillance firms, including U.S.-based Paragon and Israeli firms like NSO Group, have focused on exploits for specific encrypted apps.

“We have adversary networks around the world that are trying to attack the United States, they’re trying to attack allies,” Barry said. “We’re giving government customers the ability to protect their own networks, but we’re also deploying payloads and implants to support any operational missions that the U.S. government has.”

Little is known about Sixgen or its customers, though one of its largest contracts is to provide DHS’s Cybersecurity and Infrastructure Security Agency (CISA) with “red teaming” technology to test the security of government and critical infrastructure networks. AI is likely to be key to the connected future of businesses, and in particular to this CISA contract. Sixgen CEO Jack Wilmer, a former Department of Defense chief information security officer, has said AI could help his white-hat hackers by making them more efficient and helping them find weaknesses in a “wider range” of critical infrastructure systems.

For both companies, it has proven safer to focus on the U.S. than to look abroad for contracts. NSO Group and Greece-based Intellexa have faced scrutiny for alleged sales to regimes with poor human rights records that have used vendors’ malware to target journalists, politicians and civil rights activists. Boldend and Sixgen have largely kept a low profile, selling to a single client: the U.S. federal government.

MORE FROM FORBES

ForbesFacebook warns that 50,000 users have fallen victim to spy firmsBy Thomas BrewsterForbesMultimillionaire surveillance equipment salesman emerges from the shadows… and his $9 million WhatsApp hacking vanBy Thomas BrewsterForbesNew police technology can detect phones, animal trackers and library books in moving carsBy Thomas BrewsterForbesNew police technology can detect phones, animal trackers and library books in moving carsBy Thomas Brewster