NoGoolag
MERCENARY MAYHEM
A technical analysis of Intellexa's PREDATOR spyware - 2023
https://blog.talosintelligence.com/mercenary-intellexa-predator/

Spyware suppliers take great care to make the final payloads difficult to detect, obtain, analyze and protect against by creating deployment sequences that often require little or no user interaction. The delivery mechanism is usually an exploit chain that can start with a zero-click exploit, like #FORCEDENTRY, which is produced by Israeli spyware firm #NSO Group, or with a link that the victim is tricked into clicking (i.e., a “one-click” exploit), like the one created by the surveillance company Cytrox to deploy their own spyware known as “PREDATOR.” (Note: #Cytrox is owned by Intellexa, which sells the #PREDATOR spyware.)

#spyware #israel
The arrival of Cytrox into Europe’s ongoing scandal shows the problem is bigger than just the NSO Group. The bloc has a thriving spyware industry of its own.
In June 2022 Google discovered the Italian spyware vendor RCS Lab was targeting smartphones in Italy and Kazakhstan. Alberto Nobili, RCS’ managing director, told WIRED that the company condemns the misuse of its products but declined to comment on whether the cases cited by Google were examples of misuse.

Spyware vendor targets users in Italy and Kazakhstan – 2022
Seven of the nine zero-day vulnerabilities our Threat Analysis Group discovered in 2021 fall into this category: developed by commercial providers and sold to and used by government-backed actors. TAG is actively tracking more than 30 vendors with varying levels of sophistication and public exposure selling exploits or surveillance capabilities to government-backed actors.

#Italy #RCS #Cytrox #Kazakhstan #EU #NSO
Israel Invested in Spyware That Brought Down Greek Spymaster - Haaretz - June 2023

Two firms, one office

Haaretz has reviewed corporate documents from the Netherlands, Hungary, North Macedonia, Singapore and Israel that show that the two firms’ founders and directors were the same Israelis. Inpedio was registered in the Netherlands in 2016 by two founders: Rotem Farkash and Abraham Rubinstein. The very same Farkash and Rubinstein would establish Cytrox Holdings in Hungary - which IAI invested in - and a subsidiary, Cytrox Software, in North Macedonia, in 2017. The two registered Cytrox with their Inpedio email accounts.

Farkash is a hacker-turned-cyber-entrepreneur who later became a partner and senior official in Intellexa, an alliance of digital surveillance firms founded in Cyprus and Greece by former Israeli army intelligence commander Tal Dilian.

#Greece #Grèce #NSO #Cytrox #Predator #Pegasus #Cyprus
#Inpedio #CyberLab #Macedonia #Israel #Singapore
#Intellexa #Chypre #spyware
#IAI
The U.S. government has banned European commercial spyware manufacturers Intellexa and Cytrox - BleepingComputer - July 2023

The U.S. government has banned European commercial spyware manufacturers Intellexa and Cytrox, citing risks to U.S. national security and foreign policy interests.

The Commerce Department's Bureau of Industry and Security (BIS) added four commercial entities to its Entity List: Intellexa S.A. from Greece, Intellexa Limited from Ireland, Cytrox Holdings Zrt from Hungary, and Cytrox AD from North Macedonia.

This decision was motivated by the four companies' involvement in trafficking cyber exploits used to gain unauthorized access to the devices of high-risk individuals worldwide, threatening their security and privacy.


#Intellexa #Cytrox #Greece #Macedonia #Hungary #Ireland #EU #US #Spyware

#Predator
PREDATOR IN THE WIRES: Ahmed Eltantawy Targeted with Predator Spyware After Announcing Presidential Ambitions | The Citizen Lab –

Between May and September 2023, former Egyptian MP Ahmed Eltantawy was targeted with Cytrox’s Predator spyware via links sent on SMS and WhatsApp. The targeting took place after Eltantawy publicly stated his plans to run for President in the 2024 Egyptian elections.

In August and September 2023, Eltantawy’s Vodafone Egypt mobile connection was persistently selected for targeting via network injection; when Eltantawy visited certain websites not using HTTPS, a device installed at the border of Vodafone Egypt’s network automatically redirected him to a malicious website to infect his phone with Cytrox’s Predator spyware.


#Predator #Cytrox #Egypt
Researchers spot new infrastructure likely used for Predator spyware

"New research from Recorded Future’s Insikt Group examines newly discovered infrastructure related to the operators of Predator, a mercenary mobile spyware. This infrastructure is believed to be in use in at least eleven countries, including #Angola, #Armenia, #Botswana, #Egypt, #Indonesia, #Kazakhstan, #Mongolia, #Oman, the Philippines, Saudi Arabia (#KSA), and #Trinidad and #Tobago.

Notably, this is the first identification of Predator customers in #Botswana and the #Philippines. Despite being marketed for counterterrorism and law enforcement, Predator is often used against civil society, targeting journalists, politicians, and activists, with no specific victims or targets currently identified in this latest activity."

#Predator #Cytrox #Intellexa
How to detect Predator spyware on Phone (iOS) | OneJailbreak - 21/03/2024

Cytrox, a prominent Macedonian cybersecurity firm, gained notoriety in 2021 for its development and dissemination of the Predator spyware targeting iPhones. This sophisticated spyware successfully infiltrated iOS 14.6, the latest OS version at the time, through the utilization of single-click links distributed via the popular messaging platform, WhatsApp. Predator persists after reboot using the iOS automation feature.

- Cytrox (10 posts)
- Predator (25 posts)
#Predator #Cytrox #Apple #IoS