What's Happening?
Intellexa, a surveillance consortium known for its Predator spyware, continues to operate despite extensive U.S. sanctions. A recent investigation, dubbed 'Intellexa Leaks,' revealed that the company remains active, selling digital weapons to high bidders.
Reports from Google Threat Intelligence Group, Recorded Future’s Insikt Group, and Amnesty International’s Security Lab have identified new attack vectors and victim lists. Intellexa has been linked to exploiting zero-day vulnerabilities against mobile browsers, with at least 15 of the 70 zero-day exploits documented since 2021. Despite sanctions from the U.S. Treasury’s Office of Foreign Assets Control and fines from the Greek Data Protection Authority, Intellexa has developed a new 'zero-click' attack vector called 'Aladdin,' which infects devices through malicious advertisements.
Why It's Important?
The continued operation of Intellexa despite sanctions highlights the challenges in regulating and controlling the global spyware market. The development of new attack vectors like 'Aladdin' poses significant risks to privacy and security, as they allow for silent infections without user interaction. This situation underscores the need for stronger international cooperation and regulatory frameworks to address the proliferation of spyware and protect individuals from unauthorized surveillance. The revelations also raise concerns about the effectiveness of current sanctions and the ability of companies to circumvent them.
