The Department of the Treasury\u2019s Office of Foreign Assets Control (OFAC) issued new sanctions against five individuals and one entity associated with the Intellexa Consortium<\/a> for their role in developing, operating, and distributing commercial spyware.<\/p>\n\n\n\n
The Intellexa Consortium was created in 2019, it has acted as a marketing umbrella for various offensive cyber companies that provide commercial spyware<\/a> and surveillance tools designed for targeted and mass surveillance campaigns. The name \u201cPredator\u201d spyware was used to refer to a collection of surveillance tools that allows to compromise victims\u2019 devices through zero-click attacks.<\/p>\n\n\n\n
The fresh package of sanctions issued by the U.S. government is part of the effort against commercial spyware vendors<\/a>.<\/p>\n\n\n\n
“These designations complement concerted U.S. government actions against commercial spyware vendors, including previous\u00a0sanctions against<\/a>\u00a0individuals and entities associated with the Intellexa Consortium; the Department of Commerce\u2019s\u00a0addition of commercial spyware vendors<\/a>\u00a0to the Entity List; and the Department of State\u2019s\u00a0visa ban policy<\/a>\u00a0targeting those who misuse or profit from the misuse of commercial spyware, subsequently exercised on\u00a0thirteen individuals<\/a>.” reads the press release<\/a> published by the OFAC. \u00a0<\/em><\/p>\n\n\n\n
The sanctions also targeted financial entities linked to the Intellexa Consortium’s sale of surveillance software. Aliada Group Inc. facilitated major financial transactions for the Consortium, while Thalestris Limited processed transactions on behalf of other Intellexa Consortium entities.<\/p>\n\n\n\n
“The Intellexa Consortium is a complex international web of decentralized companies that built and commercialized a comprehensive suite of highly invasive spyware products, primarily marketed under the brand-name \u201cPredator.\u201d” continues the press release.<\/em><\/p>\n\n\n\n
In March 2024, the US Government sanctioned the Intellexa Consortium\u2019s Israeli founder,\u00a0Tal Jonathan Dilian, and Polish corporate specialist,\u00a0Sara Aleksandra Fayssal Hamou.<\/p>\n\n\n\n
The US government also sanctioned the following companies:<\/p>\n\n\n\n
In February 2024, the U.S. State Department announced<\/a> it is implementing a new policy to impose visa restrictions on individuals involved in the misuse of commercial spyware.<\/p>\n\n\n\n
In March 2023, the US Government issued<\/a> an Executive Order on the prohibition on use by the United States Government of commercial spyware that poses risks to national security.<\/p>\n\n\n\n
In July 2023, the Commerce Department\u2019s Bureau of Industry and Security (BIS) added<\/strong><\/a> surveillance technology vendors Intellexa<\/a> and Cytrox<\/a> to the Entity List for trafficking in cyber exploits used to gain access to information systems.<\/p>\n\n\n\n
In early September 2024, Recorded Future researchers warned<\/a> that the Predator spyware has resurfaced with fresh infrastructure after a decline caused by US\u00a0sanctions against Intellexa Consortium<\/a>.<\/p>\n\n\n\n
\u201cThis resurgence highlights Predator\u2019s ongoing use by customers in countries such as the Democratic Republic of the Congo (DRC) and Angola.\u201d reads the Recorded Future\u2019s report<\/a>. \u201cWhile Predator continues to pose significant privacy and security risks, especially to high-profile individuals like politicians and executives, new infrastructure changes make tracking users more difficult. \u201c<\/em><\/p>\n\n\n\n
Follow me on Twitter: @securityaffairs<\/strong><\/a> and Facebook<\/strong><\/a> and Mastodon<\/strong><\/a><\/p>\n\n\n\n
Pierluigi Paganini<\/strong><\/a><\/p>\n\n\n\n
(<\/strong>SecurityAffairs<\/strong><\/a>\u00a0\u2013<\/strong>\u00a0hacking, Intellexa Consortium)<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"