Virtual Event Now Live: Zero Trust Strategies Summit! - Login for Access
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Tracking & Law Enforcement

US Sanctions Intellexa Executives as Surveillance Spyware Crackdown Expands

Sanctions target five individuals linked to Intellexa Consortium as the US government expands its crackdown on commercial spyware merchants.

Exploit acquisition

The US Treasury Department has slapped sanctions on five individuals and one entity associated with the Intellexa Consortium, a global business caught creating and distributing commercial spyware for targeted and mass surveillance campaigns.

The latest round of sanctions are part of a broader US government effort to combat the proliferation and misuse of commercial spyware and surveillance tools and comes just days after Apple abruptly abandoned its lawsuit against Israel’s NSO Group.

Intellexa Consortium, founded by previously sanctioned Tal Jonathan Dilian, is described as a complex international network of companies that developed and sold the ‘Predator’ spyware that exploited software bugs in iOS and Android platforms.

According to the US Treasury’s Office of Foreign Assets Control (OFAC), those sanctioned sanctioned include:

  1. Felix Bitzios — identified as the beneficial owner of an Intellexa Consortium company that was used to supply Predator spyware to a foreign government client. A Greek national, Bitzios also acted as the manager of Intellexa S.A., another company in the Intellexa Consortium.
  2. Andrea Nicola Constantino Hermes Gambazzi — named as the beneficial owner of Thalestris Limited and Intellexa Limited, members of the Intellexa Consortium group of companies. Thalestris Limited holds distribution rights to the Predator spyware, and is the parent company to Intellexa S.A. Thalestris Limited has been involved in processing transactions on behalf of other entities within the Intellexa Consortium.   
  3. Merom Harpaz — pinpointed as a top executive of the Intellexa Consortium, and acted as a manager of Intellexa S.A.
  4. Panagiota Karaoli is the director of multiple Intellexa Consortium entities that are controlled by or are a subsidiary of Thalestris Limited. 
  5. Artemis Artemiou — tagged as the general manager and member of the board of Cytrox Holdings Zartkoruen Mukodo Reszvenytarsasag (Cytrox Holdings), a member of the Intellexa Consortium that was designated pursuant to E.O. 13694, as amended. Artemiou is also an employee of Intellexa S.A.
  6. Aliada Group —  British Virgin Islands-based company and member of the Intellexa Consortium, has enabled tens of millions of dollars of transactions involving the network. The Aliada Group is directed by Dilian. The Aliada Group was associated with Intellexa S.A. and Intellexa Limited, and held shares in Cytrox Holdings.    

The government explained that the Intellexa Consortium is a complex international web of decentralized companies that built and commercialized highly invasive spyware products for mobile devices.

“Successful Predator spyware attacks can provide the spyware’s operators with access to sensitive information on the victim’s device, including photos, geolocation data, personal messages, and microphone records,” the Department said, noting that past targets of Intellaxa spyware products include government officials, journalists, policy experts, and opposition politicians.

The sanctions come just days after Apple dropped its lawsuit against NSO Group, citing increased risk that the case would unintentionally reveal sensitive vulnerability data to the very company accused of hacking its iOS and macOS platforms.

In dropping the case, Apple pointed to shifting dynamics in the commercial spyware industry and cautioned that  even a legal victory might have limited impact on the broader surveillance software landscape that includes companies like Intellexa.

“Defendants have been partly supplanted by numerous other spyware companies, dispersing threats that were once concentrated in a single powerful actor; consequently, even a complete victory in this suit would not have the same impact as in 2021, as other unaffiliated spyware companies would remain unaffected and could continue their destructive tactics,” Cupertino said.

Advertisement. Scroll to continue reading.

Related: Russian APT Reusing Exploits From Spyware Merchant Intellexa

Related: US Gov Mercenary Spyware Clampdown Hits Cytrox, Intellexa

Related: Predator Spyware Resurfaces With Fresh Infrastructure

Related: US Sanctions Spyware Company and Execs Targeting American Journalists

Related: Google Links Over 60 Zero-Days to Commercial Spyware Vendors

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Threat intelligence firm Intel 471 has appointed Mark Huebeler as its COO and CFO.

Omkhar Arasaratnam, former GM at OpenSSF, is LinkedIn's first Distinguised Security Engineer

Defense contractor Nightwing has appointed Tricia Fitzmaurice as Chief Growth Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.