Intellexa is a well-known commercial spyware vendor, servicing governments and large corporations. Its main product is the Predator spyware.
An investigation by several independent parties describes Intellexa as one of the most notorious mercenary spyware vendors, still operating its Predator platform and hitting new targets even after being placed on US sanctions lists and being under active investigation in Greece. The investigation draws on highly sensitive documents and other materials leaked from the company, including internal records, sales and marketing material, and training videos.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Why iPhone users should update and restart their devices now
January 13, 2026
If you were still questioning whether iOS 26+ is for you, now is the time to make that call. Why? On December 12, 2025, Apple patched two WebKit zero‑day vulnerabilities linked to mercenary spyware and is now effectively pushing iPhone 11 and newer users toward iOS 26+, because that’s where the fixes and new memory ...
- US removes three spyware-linked executives from sanctions list
December 31, 2025
Merom Harpaz, Andrea Nicola Constantino Hermes Gambazzi, and Sara Aleksandra Fayssal Hamou – three individuals who were sanctioned by the US for alleged links to commercial spyware products, have had their bans lifted recently. In a new press release published by the US Office of Foreign Assets Control (OFAC) earlier this week, it was briefly stated ...
- Meet the team that investigates when journalists and activists get hacked with government spyware
December 27, 2025
For more than a decade, dozens of journalists and human rights activists have been targeted and hacked by governments all over the world. Cops and spies in Ethiopia, Greece, Hungary, India, Mexico, Poland, Saudi Arabia, and United Arab Emirates, among others, have used sophisticated spyware to compromise the phones of these victims, who at times ...
- Sanctioned spyware maker Intellexa had direct access to government espionage victims, researchers say
December 4, 2025
Spyware maker Intellexa had remote access to some of its government customers’ surveillance systems, giving company staffers the ability to see the personal data of people whose phones had been hacked with its Predator spyware, according to new evidence published by Amnesty International. On Thursday, Amnesty and a coalition of media partners, including Israeli newspaper Haaretz, ...
- LANDFALL: New Commercial-Grade Android Spyware in Exploit Chain Targeting Samsung Devices
November 7, 2025
Unit 42 researchers have uncovered a previously unknown Android spyware family, which we have named LANDFALL. To deliver the spyware, attackers exploited a zero-day vulnerability (CVE-2025-21042) in Samsung’s Android image processing library. The specific flaw LANDFALL exploited, CVE-2025-21042, is not an isolated case but rather part of a broader pattern of similar issues found on multiple ...
- Italian political consultant says he was targeted with Paragon spyware
November 6, 2025
Francesco Nicodemo, a consultant who works with left-wing politicians in Italy, has gone public as the latest person targeted with Paragon spyware in the country. On Thursday, Nicodemo said in a Facebook post that for 10 months, he preferred not to publicize his case because he “did not want to be used for political propaganda,” ...