The US government’s clampdown on commercial spyware and mercenary hacking companies ramped up this week with the addition of Cytrox and Intellexa to an ‘entity list’ that limits their access to American-made components and technologies.
A new announcement (PDF) from the Biden administration’s Commerce Department flagged the two foreign companies “for trafficking in cyber exploits used to gain access to information systems, thereby threatening the privacy and security of individuals and organizations worldwide.”
Cytrox, which has been linked to malware found spying on a European lawmaker, was exposed as the vendor behind the notorious Predator iPhone eavesdropper implant.
The University of Toronto’s Citizen Lab teamed up with the threat-intel team at Facebook parent company Meta to identify Cytrox alongside a handful of PSOAs (private sector offensive actors) in the murky surveillance-for-hire industry. Citizen Lab said Cytrox is responsible for a piece of iPhone eavesdropping malware that was planted on phones belonging to two notable Egyptians.
The company’s Predator eavesdropper was able to infect the then-latest iOS version (14.6) using single-click links sent via WhatsApp messenger.
Like Cytrox, Intellexa has also been publicly outed as a mercenary offensive security outfit selling million-dollar iOS and Android hacking services.
In November 2021, the US government added Israeli commercial spyware firm NSO Group to the entity list, a move that will require special government permission to do business with American companies.
The department said putting these companies on the entity list was part of the Biden administration’s efforts to promote human rights in US foreign policy.
Related: Spyware Firm Offering iOS, Android Hacking Services for $8 Million
Related: European Lawmaker Targeted With Cytrox Predator Surveillance Spyware
Related: Citizen Lab Exposes Cytrox as Vendor Behind ‘Predator’ iPhone Spyware
Related: Calls Mount for US Gov Clampdown on Mercenary Spyware Merchants
Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.
More from Ryan Naraine
- New ‘Sandman’ APT Group Hitting Telcos With Rare LuaJIT Malware
- CrowdStrike to Acquire Application Intelligence Startup Bionic
- HiddenLayer Raises Hefty $50M Round for AI Security Tech
- Microsoft AI Researchers Expose 38TB of Data, Including Keys, Passwords and Internal Messages
- Extradited Russian Hacker Behind ‘NLBrute’ Malware Pleads Guilty
- Caesars Confirms Ransomware Hack, Stolen Loyalty Program Database
- AuthMind Scores $8.5M Seed Funding for ITDR Tech
- Zero-Day Summer: Microsoft Warns of Fresh New Software Exploits
Latest News
- Microsoft Adding New Security Features to Windows 11
- UAE-Linked APT Targets Middle East Government With New ‘Deadglyph’ Backdoor
- Sony Investigating After Hackers Offer to Sell Stolen Data
- The CISO Carousel and its Effect on Enterprise Cybersecurity
- Xenomorph Android Banking Trojan Targeting Users in US, Canada
- $200 Million in Cryptocurrency Stolen in Mixin Network Hack
- Stealthy APT Gelsemium Seen Targeting Southeast Asian Government
- Nigerian Pleads Guilty in US to Million-Dollar BEC Scheme Role
