The US Treasury Department has imposed new sanctions against five executives and one entity associated with the Intellexa consortium for their role in the development, operation and distribution of commercial spyware called Predator.
“The United States will not tolerate the mindless proliferation of disruptive technologies that threaten our national security and undermine the privacy and civil liberties of our citizens,” said Acting Under Secretary of the Treasury for Terrorism and Financial Intelligence Bradley T. Smith.
“We will continue to prosecute those who seek to promote the spread of exploitative technologies, while encouraging the responsible development of technologies that meet international standards.”
The individuals and legal entities that have been sanctioned are listed below –
- Felix Bizios, beneficial owner of Intellexa Consortium, which allegedly supplied the Predator to a foreign government, and head of Intellexa SA
- Andrea Nicola Constantino Hermes Gambazzi, beneficial owner of Thalestris Limited and Intellexa Limited, members of the Intellexa Consortium
- Meram Harpaz, Head of the Intellexa Consortium and Head of Intellexa SA
- Panagiota Caraoli, director of several entities in the Intellexa consortium controlled by or a subsidiary of Thalestris Limited
- Artemis Artemiou, employee of Intellexa SA and CEO and board member of Cytrox Holdings, another Intellexa Consortium member
- Aliada GroupInc., a British Virgin Islands company and member of the Intellexa Consortium, has facilitated tens of millions of dollars in transactions
Thalestris Limited was involved in processing transactions on behalf of other entities in the Intellexa consortium, the Ministry of Finance said, adding that Aliada Group is managed by Tal Jonathan Dilian, founder of the Intellexa consortium.
The department described the consortium as a “sophisticated international network of decentralized companies that created and commercialized a comprehensive suite of highly invasive spyware.”
The development comes just over six months after the Treasury sanctioned Dilian, Sara Aleksandra Fayssal Hamou and five other organizations, including Intellexa SA, on similar grounds.
It also follows the resurgence of Predator spyware after a period of relative silence by likely clients in Angola, the Democratic Republic of Congo (DRC) and Saudi Arabia, using new infrastructure designed to evade detection.
“The latest evolution of the Predator infrastructure includes an additional layer in the delivery infrastructure to improve client anonymization and improve the security of server configurations and related domains,” Recorded Future said.
“Although the operators of the Predator spyware have changed significant aspects of their infrastructure setup, including changes that make attribution to individual countries more difficult, they have largely maintained their modus operandi.”
It also follows Apple’s decision to file a motion to dismiss its lawsuit against NSO Group on the grounds that disclosure by the court could jeopardize its anti-spyware efforts, which are taking steps to avoid sharing information related to the Pegasus spyware. and that the impact may be diluted by the expansion of the spyware market by new players.
