U.S. blacklists two firms that built Meta, iOS and Android spyware

Gina Raimondo, Secretary of Commerce, at the WEF in Davos, Switzerland on May 25th, 2022. Gina Raimondo, Secretary of Commerce, at the WEF in Davos, Switzerland on May 25th, 2022.

The Commerce Department on Tuesday blacklisted two European cyber companies that provide spyware software, including technology marketed by both companies that was used to monitor Meta users and, allegedly, at least one Meta employee.

The program employed hundreds of phony Meta accounts to track activists, politicians, and journalists throughout the globe by taking advantage of flaws in the Android and iOS operating systems.

The firms-Intellexa and Cytrox

These were referred to as being involved in the trafficking of “exploits used to gain access to information systems, threatening the privacy and security of individuals and organizations worldwide” in a press release from the Bureau of Industry and Security.

The businesses share a name and have affiliates in North Macedonia, Greece, Ireland, and the United Kingdom. According to a Citizen Lab research from 2021, Cytrox produces malware called Predator that has been employed by despotic regimes to hack into the cellphones of activists, politicians, and journalists.

Both have been added to the Commerce Department’s “Entity List,” a very onerous and stringent export control list that prohibits American businesses from providing technology, data, or intellectual property to the designated enterprises. As succeeding administrations have struggled with the considerable power it affords the U.S. government over both local and international corporations, export-control measures have been enacted more frequently.

A warning from Meta in December 2021

Numerous Facebook users said that Predator and other spyware-for-hire programs had targeted them.

Nebula, another Intellexa espionage offering, is a tool for gathering and analyzing social media data that is marketed as being crucial for law enforcement and intelligence organizations. The company’s creator, Tal Dilian, calls himself a “intelligence expert” with more than 25 years of military service in the Israel Defense Forces.

According to Dilian’s personal website, Intellexa “develops & integrates technologies empowering law enforcement agencies & intelligence agencies to collect & analyze data in the most advanced methods.”

The Predator device from Intellexa and the company’s efforts to sell it to a Ukrainian security agency were extensively covered by The New York Times. According to the Times, Greek intelligence also spied on a Meta trust and safety employee using Intellexa’s Predator.

The Biden administration has shown a greater readiness to label foreign firms, effectively preventing them from using any American technology. Export restrictions were successfully used by the Trump administration to target Huawei. Since then, authorities from the Commerce Department have added cutting-edge networking and semiconductor technology to the export restriction lists, preventing Chinese and Russian organizations from acquiring that technology.

ISTANBUL

On Tuesday, the US delisted the European spyware firms Cytrox and Intellexa for “threaten[ing] the] privacy and security of individuals and organizations throughout the world.”

Four organizations were added to “the Entity List for trafficking in cyber exploits used to gain access to information systems, threatening the privacy and security of individuals and organizations worldwide,” according to a statement from the Bureau of Industry and Security of the Commerce Department. These organizations are Intellexa S.A. in Greece, Cytrox Holdings Crt in Hungary, Intellexa Limited in Ireland, and Cytrox AD in North Macedonia.

 

 

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *