US Ramps Up Sanctions on Spyware-Maker Intellexa

Written by

The US government has slapped a prolific commercial manufacturer of spyware with new sanctions, as it continues to crack down on the grey market in covert eavesdropping tools.

A note from the Treasury’s Office of Foreign Assets Control (OFAC) yesterday revealed that five individuals and an entity associated with the Intellexa Consortium had been sanctioned for their role in developing, operating and distributing the Predator malware. The US now considers it to be a threat to the country’s national security.

“The United States will not tolerate the reckless propagation of disruptive technologies that threatens our national security and undermines the privacy and civil liberties of our citizens,” said acting under secretary of the Treasury for terrorism and financial intelligence, Bradley Smith.

“We will continue to hold accountable those that seek to enable the proliferation of exploitative technologies, while also encouraging the responsible development of technologies that align with international standards.” 

Read more on spyware: US Imposes Visa Restrictions on Alleged Spyware Figures

The five individuals are all executives or beneficial owners of the consortium and/or its various constituent companies. They are:

  • Felix Bitzios: beneficial owner of an Intellexa Consortium company used to supply a foreign government with Predator
  • Andrea Nicola Constantino Hermes Gambazzi: the beneficial owner of consortium companies, Thalestris Limited and Intellexa Limited
  • Merom Harpaz: an executive of the consortium and manager at Intellexa SA
  • Panagiota Karaoli: the director of various consortium entities that are controlled by or a subsidiary of Thalestris Limited
  • Artemis Artemiou: general manager and member of the board of consortium firm Cytrox Holdings

The Treasury’s OFAC also sanctioned Aliada Group, a British Virgin Islands-based company which is a part of the Intellexa Consortium, and has allegedly enabled tens of millions of dollars of transactions involving the network.

A Threat to National Security and Economic Health

The Treasury said all individuals and Aliada Group were sanctioned for their links to “cyber-enabled activities originating from, or directed by persons located, in whole or in substantial part, outside the United States that are reasonably likely to result in, or have materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States.”

These activities caused “a significant misappropriation of funds or economic resources, trade secrets, personal identifiers, or financial information for commercial or competitive advantage or private financial gain,” it added.

The inclusion of these individuals and Aliada Group on OFAC’s SDN list means any assets they have based in the US are now frozen, and US individuals and companies are banned from transacting with them.

The move follows the announcement of sanctions against two people and five entities associated with the Intellexa Consortium back in March.

Intellexa is the umbrella organization for multiple companies based in Greece, Ireland, Hungary and elsewhere. Its North Macedonian Cytrox business developed Predator, which is still being widely used by repressive regimes to eavesdrop on journalists, dissidents, politicians and others.

Like similar malware such as NSO Group’s Pegasus spyware, Predator is delivered to victim devices via zero-click exploits that require no user interaction.

Yesterday, Infosecurity reported that Apple filed a motion to drop its lawsuit against NSO Group, citing concerns that information relating to defensive measures could be publicly revealed in the case and used by spyware vendors to circumvent the controls.

Image credit: Frantisek Jarabica / Shutterstock.com

What’s hot on Infosecurity Magazine?