The growth of commercial spyware based intelligence providers without legal or ethical supervision – Talos - July 2023

Attackers have long used commercial products developed by legitimate companies to compromise targeted devices. These products are known as commercial spyware. Commercial spyware operations mainly target mobile platforms with zero- or one-click zero-day exploits to deliver spyware. This threat initially came to light with the leaks of HackingTeam back in 2015, but gained new notoriety with public reporting on the NSO Group, and, in the years that have followed, the landscape has exploded.

There are now numerous companies with similar offerings, like Intellexa, DSIRF, Variston IT, and the newly disclosed Quadream representing just a small subset — there are likely more that are operating covertly today.

#Quadream #VaristonIT #DSIRF #Intellexa #NSO

The U.S. government has banned European commercial spyware manufacturers Intellexa and Cytrox - BleepingComputer - July 2023

The U.S. government has banned European commercial spyware manufacturers Intellexa and Cytrox, citing risks to U.S. national security and foreign policy interests.

The Commerce Department's Bureau of Industry and Security (BIS) added four commercial entities to its Entity List: Intellexa S.A. from Greece, Intellexa Limited from Ireland, Cytrox Holdings Zrt from Hungary, and Cytrox AD from North Macedonia.

This decision was motivated by the four companies' involvement in trafficking cyber exploits used to gain unauthorized access to the devices of high-risk individuals worldwide, threatening their security and privacy

#Intellexa #Cytrox #Greece #Macedonia #Hungary #Ireland #EU #US #Spyware

#Predator

Who are Intellexa, the Irish spyware company placed on a US ‘blacklist’? – The Irish Times – July 2023

The Intellexa group produces a software product called Predator that can secretly take over the microphone and camera on a targeted mobile phone and turn it into a spying device.

Intellexa Ltd, a company incorporated in Ireland three and a half years ago, was this week labelled by the US state department as engaging in activities “contrary to the national security or foreign policy interests of the United States”.

The holding company’s main shareholder has an address in Ajman, a city in the United Arab Emirates.

Its Irish financial accounts from 2021 show the bulk of the group’s money was made from sales in the Middle East, which accounted for €29.5 million of its €34.3 million in sales that year.

#Predator #Intellexa #Ireland

Madagascar Drops Predator Spyware on Citizens in Watering Hole Attack

Madagascar's government services — such as police or domestic intelligence — have apparently purchased and leveraged Predator to conduct political domestic surveillance ahead of a presidential election in November.

According to research by Sekoia, the effort was a watering hole attack: Links to download the spyware were added to WordPress blogs containing genuine articles taken from the Madagascan newspaper Midi Madagasikara. Anyone looking for the legitimate story could have ended up on the malicious page and gone on to download the spyware, according to the firm. The malicious links were obscured with URL shorteners.

Active Lycantrox infrastructure illumination - Sekoia.io

#Predator #Intellexa #spyware #Madagascar

Global: ‘Predator Files’ investigation reveals catastrophic failure to regulate surveillance trade  | Amnesty International –

“The ‘Predator Files’ investigation shows what we have long feared: that highly invasive surveillance products are being traded on a near industrial scale and are free to operate in the shadows without oversight or any genuine accountability. It proves, yet again, that European countries and institutions have failed to effectively regulate the sale and transfer of these products,”

A comprehensive report on the Amnesty International Security Lab’s findings, ‘The Predator Files: Caught in the Net’, will be published on 9 October. 

#Predator #Intellexa #Israel #EU #Spyware

The Predator Files: Caught in the Net | Amnesty International - October 2023 –

This report lays out the human rights implications of the Predator Files disclosures, which show how a suite of highly invasive surveillance technologies supplied by the Intellexa alliance is being sold and transferred around the world with impunity. These findings make clear, yet again, that the unchecked sale and transfer of surveillance technologies could continue to facilitate human rights abuse on a massive global scale, as companies are still being allowed to freely sell and transfer their wares in utmost secrecy.

#Predator #Intellexa

The Predator Files: Caught in the Net - Amnesty International – October 2023

https://www.amnesty.org/en/wp-content/uploads/2023/10/ACT1072452023ENGLISH.pdf
#Predator #Intellexa

Researchers spot new infrastructure likely used for Predator spyware

"New research from Recorded Future’s Insikt Group examines newly discovered infrastructure related to the operators of Predator, a mercenary mobile spyware. This infrastructure is believed to be in use in at least eleven countries, including #Angola, #Armenia, #Botswana, #Egypt, #Indonesia, #Kazakhstan, #Mongolia, #Oman, the Philippines, Saudi Arabia (#KSA), and #Trinidad and #Tobago.

Notably, this is the first identification of Predator customers in #Botswana and the #Philippines. Despite being marketed for counterterrorism and law enforcement, Predator is often used against civil society, targeting journalists, politicians, and activists, with no specific victims or targets currently identified in this latest activity."

#Predator #Cytrox #Intellexa

Predator Spyware Operators Rebuild Multi-Tier Infrastructure to Target Mobile Devices

New research from Recorded Future’s Insikt Group examines newly discovered infrastructure related to the operators of Predator, a mercenary mobile spyware. This infrastructure is believed to be in use in at least eleven countries, including Angola, Armenia, Botswana, Egypt, Indonesia, Kazakhstan, Mongolia, Oman, the Philippines, Saudi Arabia, and Trinidad and Tobago. Notably, this is the first identification of Predator customers in Botswana and the Philippines.

Despite being marketed for counterterrorism and law enforcement, Predator is often used against civil society, targeting journalists, politicians, and activists, with no specific victims or targets currently identified in this latest activity.

#Predator #Intellexa