The Treasury Department announced Tuesday it has sanctioned two people and a Greece-based commercial spyware company headed by a former Israeli military officer that developed, operated and distributed technology used to target U.S. government officials, journalists and policy experts.
Quick Read
- The U.S. Treasury Department sanctioned two individuals and the Greece-based Intellexa Consortium, led by a former Israeli military officer, for developing and distributing spyware targeting U.S. officials, journalists, and experts.
- Intellexa Consortium’s associated entities in North Macedonia, Hungary, and Ireland were also sanctioned for their roles in developing the Predator spyware suite.
- This marks the first occasion the Treasury has sanctioned entities for the misuse of commercial spyware, highlighting efforts to establish guidelines for responsible technology use while protecting human rights.
- Predator spyware enables unauthorized access to devices without user interaction, allowing data extraction, geolocation tracking, and access to personal information.
- The Commerce Department previously blacklisted Intellexa and Cytrox, restricting their access to U.S. technology.
- Instances of Predator spyware use were reported in Europe, including attempts to target significant political figures and revelations leading to governmental resignations in Greece.
- Intellexa, founded in 2019 by Tal Dilian, and Sara Hamou, a corporate services provider for Intellexa, were the individuals sanctioned.
- The sanctions are part of a broader U.S. initiative to curb the proliferation of mercenary spyware, complementing the Biden administration’s new policy for imposing visa restrictions on those involved in spyware misuse.
The Associated Press has the story:
US sanctions spyware company that targeted US journalists, govt officials
Newslooks- WASHINGTON (AP) —
The Treasury Department announced Tuesday it has sanctioned two people and a Greece-based commercial spyware company headed by a former Israeli military officer that developed, operated and distributed technology used to target U.S. government officials, journalists and policy experts.
The sanctions target Intellexa Consortium, which the U.S. says has sold and distributed commercial spyware and surveillance tools for targeted and mass surveillance campaigns. Other entities associated with Intellexa — including North Macedonia-based Cytrox AD, Hungary-based Cytrox Holdings ZRT and Ireland-based Thalestris Limited — were sanctioned for their parts in developing and distributing a package of tools known as Predator.
Biden administration officials said it marks the first time that the Treasury Department has sanctioned people or entities for the misuse of spyware.
Predator allows a user to infiltrate electronic devices through zero-click attacks that require no user interaction for the spyware to infect the device. The spyware, which has been used in dozens of countries, has allowed for the unauthorized extraction of data, geolocation tracking and access to personal information on compromised devices.
“Today’s actions represent a tangible step forward in discouraging the misuse of commercial surveillance tools, which increasingly present a security risk to the United States and our citizens,” said Brian Nelson, Treasury undersecretary for terrorism and financial intelligence. “The United States remains focused on establishing clear guardrails for the responsible development and use of these technologies while also ensuring the protection of human rights and civil liberties of individuals around the world.”
The Commerce Department last year blacklisted Intellexa and Cytrox, denying them access to U.S. technology.
Amnesty International’s Security Lab in October published a report that said that Predator had been used to target but not necessarily infect devices connected to the president of the European Parliament, Roberta Metsola, and the president of Taiwan, Tsai Ing-Wen, as well as Rep. Michael McCaul, R-Texas, and Sen. John Hoeven, R-N.D.
Europe has also suffered a number of spyware incidents. Predator spyware was reportedly used in Greece, a revelation that helped precipitate the resignation in 2022 of two top government officials, including the national intelligence director.
In December 2021, digital sleuths at the University of Toronto’s Citizen Lab discovered Predator spyware on the iPhone of a leading exiled Egyptian dissident. In a joint probe with Facebook, Citizen Lab discovered that Cytrox had customers in countries including Armenia, Greece, Indonesia, Madagascar, Oman, Saudi Arabia and Serbia.
Intellexa was created in 2019 by former Israeli military officer Tal Dilian. Dilian and Sara Hamou, a corporate off-shoring specialist who has provided managerial services to Intellexa, were also sanctioned.
John Scott-Railton, a senior researcher at Citizen Lab, called the sanctions “a major escalation in the American effort to pump the brakes on mercenary spyware proliferation.”
The sanctions targeting the developers of Predator come after the Biden administration last month unveiled a new policy that will allow it to impose visa restrictions on foreign individuals involved in the misuse of commercial spyware.
The Democratic administration’s visa policy applies to people who’ve been involved in the misuse of commercial spyware to target people including journalists, activists, perceived dissidents, members of marginalized communities or the family members of those who are targeted. The visa restrictions could also apply to people who facilitate or get financial benefit from the misuse of commercial spyware, officials said.