
US Steps up Pressure on Intellexa Spyware Maker with New Sanctions



The US Treasury Department imposed further sanctions on five individuals and one entity connected to the Intellexa Consortium, a reportedly tainted holding company behind the notorious spyware known as Predator. US officials say that even though sanctions were already imposed last year and again this year, additional steps were necessary because of the complicated network of corporate entities Intellexa had established to avoid responsibility.

Most notably, the sanctions address the Intellexa Consortium's practice of routing money through holding companies while continuing to move funds and sell its Predator spyware through those same entities. The new sanctions target the loopholes that enable companies such as Intellexa to operate this way, according to one senior administration official. In that sense, the sanctions show the U.S. government's consistent effort to hold accountable every entity that threatens the nation's security and violates civil liberties.

How Predator Spyware Works

Known to steal sensitive information from devices via one-click and zero-click attacks that require little to no activity from the victim, Predator spyware can trace people, monitor phone calls, and gain access to the data on smartphones and other devices. Since 2019, this malware has spread to Android and iPhone devices globally, even affecting the U.S. government.

The Biden administration recently confirmed that over 50 US government employees in more than 10 countries have been targeted by commercial spyware such as Predator. Although the exact locations of the attacks have not been made public, the administration says such threats are under close observation.

Key Individuals and Entities Impacted By Sanctions

The new wave of sanctions hits key players in Intellexa's network of companies. Felix Bitzios, owner of one of the companies that sold Predator spyware to foreign governments, is among them. Another, Andrea Nicola Constantino Hermes Gambazzi, is accused of facilitating financial transactions for other Intellexa entities. Merom Harpaz, Panagiota Karaoli, and Artemis Artemiou were also sanctioned. The organisation Aliada Group Inc., operating in the British Virgin Islands, was sanctioned for its role in transferring millions of dollars to Intellexa.

In March, Tal Jonathan Dilian, a founder of Intellexa, had already been sanctioned; however, that did not restrict the corporation, which continued to sell spyware to governments worldwide.

Intellexa's reach extends quite far, with Predator spyware said to be used by state-sponsored actors and governments in a majority of countries around the world, including Egypt, Indonesia, Saudi Arabia, and the Philippines. According to recent reports, while US sanctions did seem to put a brake on its sales and adoption, they were unable to halt the spyware entirely. Instead, researchers found that Predator continues to rebound. New clients include government officials and representatives from Angola, Madagascar, and the Democratic Republic of Congo.

More recently, Google disclosed that the Russian government was also using exploits developed by Intellexa, raising concerns about the company's activities across the globe.

U.S. sanctions are only one part of a broader plan with many moves. Several companies have already been hit, while the State Department has banned visas for individuals linked to the misuse of spyware. Such is the case for Israeli firms like the NSO Group, the manufacturer of the notorious Pegasus spyware, which was blacklisted in 2021.

In the near future, the U.S. will host a high-level meeting at the UN General Assembly intended to bring more countries on board to fight the misuse of commercial spyware. Officials believe the sanctions imposed so far already make it harder for Intellexa to move money and conduct its business.

A Warning to Spyware Vendors

According to the U.S. Treasury, the sanctions send an unmistakably clear message of consequences, not just for spyware vendors like Intellexa but for the corporate structures and shell companies that conceal their operations, however deeply. The effort aims both to prevent exploitative technologies and to promote the responsible development of cybersecurity solutions that follow international standards.

As the U.S. moves to increase its restrictions on spyware, companies operating in that area face growing calls to reconsider their involvement in these businesses. Experts believe that skilled cyber professionals have begun shunning the spyware business to avoid possible legal and financial consequences.




Researchers Detail the Licensing Model of Predator Spyware


A recent analysis of the sophisticated commercial spyware Predator reveals that its ability to persist between reboots is offered as an "add-on feature" and depends on the license options selected by the customer.

Predator is the result of a collaboration known as the Intellexa Alliance, which also comprises Senpai Technologies, Nexa Technologies, and Cytrox (later bought by WiSpear). In July 2023, the United States put Cytrox and Intellexa on its Entity List due to their "trafficking in cyber exploits used to gain access to information systems."

Regarding the issue, Cisco Talos researchers Mike Gentile, Asheer Malhotra, and Vitor Ventura said in a report, "In 2021, Predator spyware couldn't survive a reboot on the infected Android system (it had it on iOS[…]However, by April 2022, that capability was being offered to their customers."

The cybersecurity vendor first revealed the inner workings of Predator and its close relationship with another loader component named Alien more than six months ago.

"Alien is crucial to Predator's successful functioning, including the additional components loaded by Predator on demand[…]The relationship between Alien and Predator is extremely symbiotic, requiring them to continuously work in tandem to spy on victims," Malhotra told cybersecurity firm Hackernews in an interview. 

Predator is a "remote mobile extraction system" that can target both Android and iOS. It is sold on a licensing model that can cost millions of dollars, depending on the number of concurrent infections and the exploit used for initial access. This puts Predator out of the reach of script kiddies and inexperienced criminals.

Spyware like Predator and Pegasus (the latter developed by the NSO Group) often depends on zero-day exploit chains in Android, iOS, and web browsers as covert intrusion vectors. However, as Apple and Google keep patching the underlying security holes, these attack chains become useless and the vendors have to start over.

It is worth noting that the organizations that create mercenary surveillance tools can also obtain whole or partial exploit chains from brokers and transform them into a functional exploit that can successfully compromise target devices.

Another noteworthy aspect of Intellexa's business model is that it leaves the task of building the attack infrastructure to its customers, giving the company some degree of plausible deniability if the campaigns are discovered, which is an inevitable outcome.

"The delivery of Intellexa's supporting hardware is done at a terminal or airport," the researchers said. "This delivery method is known as Cost Insurance and Freight (CIF), which is part of the shipping industry's jargon ('Incoterms'). This mechanism allows Intellexa to claim that they have no visibility of where the systems are deployed and eventually located."

Furthermore, because the operations are intrinsically tied to the license, which is by default limited to a single phone country code prefix, Intellexa has "first-hand knowledge" of whether its customers are conducting surveillance activities outside their own borders.