6 March 2024

US sanctions Predator spyware vendor for targeting officials and journalists


US sanctions Predator spyware vendor for targeting officials and journalists

The US authorities slapped sanctions on two individuals and five entities associated with the Intellexa Consortium for their role in developing, operating, and distributing commercial spyware used to target government officials, journalists, and policy experts.

The Department of the Treasury’s Office of Foreign Assets Control (OFAC) said in a statement that the Intellexa Alliance, which includes several companies such as Nexa Technologies, WiSpear/Passitora, Senpai and the Predator spyware developer Cytrox, has served as a marketing entity for numerous offensive cyber firms specializing in commercial spyware and surveillance solutions.

Predator is a suite of software designed for targeted and mass surveillance operations. Utilizing zero-click attacks, the Predator spyware can infiltrate a wide array of electronic devices without requiring any user interaction. Once installed, the spyware grants unauthorized access to sensitive data, enables geolocation tracking, and provides access to various applications and personal information stored on the compromised device.

The US sanctions targeted five companies in the Intellexa consortium, as well as the company’s founder, Tal Jonathan Dilian (Dilian), and one of the group’s top managers, Sara Aleksandra Fayssal Hamou (Hamou), who were sanctioned as individuals. The sanctioned companies are Greece-based Intellexa S.A., Ireland-based Intellexa Limited, North Macedonia-based Cytrox AD, Hungary-based Cytrox Holdings Zartkoruen Mukodo Reszvenytarsasag (Cytrox Holdings ZRT), and Ireland-based Thalestris Limited.

In July 2023, the US State Department added Cytrox and Intellexa to an economic blocklist for engaging in activities contrary to the national security or foreign policy interests of the United States. In early February, the US announced visa restrictions for individuals involved in the misuse of commercial spyware.

Back to the list

Latest Posts

Morocco-based cybercriminals hack large retailers for gift card theft

Morocco-based cybercriminals hack large retailers for gift card theft

Microsoft reported a 30% increase in Storm-0539 intrusion activity between March and May 2024.
27 May 2024
Transparent Tribe APT targets Indian gov’t and defense sectors with cross-platform malware

Transparent Tribe APT targets Indian gov’t and defense sectors with cross-platform malware

Recent campaigns have seen the group using cross-platform programming languages such as Python, Go, and Rust.
27 May 2024
MITRE hackers created rogue VMs to evade detection

MITRE hackers created rogue VMs to evade detection

MITRE has concluded its internal cyberattack investigation.
27 May 2024