My Blog
Technology

U.S. blacklists spyware companies Intellexa and Cytrox, citing security threats

U.S. blacklists spyware companies Intellexa and Cytrox, citing security threats
U.S. blacklists spyware companies Intellexa and Cytrox, citing security threats


The Biden administration on Tuesday added foreign commercial spyware companies Intellexa and Cytrox to a federal “entity list” that prohibits American companies from engaging in certain trade activities with them, after determining they pose a threat to U.S. national security and foreign policy interests.

The decision is part of an ongoing effort to address the proliferation and misuse of commercial spyware, according to senior administration officials, who spoke on the condition of anonymity to brief reporters on the matter. The move is the most significant since President Biden issued an executive order in March that sets limits on U.S. agencies’ use of spyware and bars the technology’s use when there’s a risk could be used by foreign governments to target Americans or violate human rights.

That action serves as a “strong signal” to entities that use commercial spyware, as well as the surveillance industry on the whole, a senior administration official said.

“This is also an opportunity for private investors to consider the risk” and reevaluate whether to invest and support “such commercial spyware companies whose business practices threaten the security and safety of technology used by citizens around the world, not just here in the United States,” the official added.

‘Greek Watergate’ wiretap scandal throws government into turmoil

The companies added to the entity list include Intellexa S.A. in Greece, Cytrox Holdings Crt in Hungary, Intellexa Limited in Ireland, and Cytrox AD in North Macedonia. They are being penalized for “trafficking in cyber exploits used to gain access to information systems, threatening the privacy and security of individuals and organizations worldwide,” according to an update in the Federal Register.

The move builds on U.S. actions in November 2021, when the Israeli spyware company NSO Group was added to the federal blacklist when it was determined its phone-hacking tool was used by foreign governments to target government officials, academics, journalists and others. Hanan Elatr, the wife of slain Washington Post columnist Jamal Khashoggi, sued NSO Grouo last month alleging the group infected her phone with its spyware to track her late husband.

Cytrox was founded in 2017, according to the technology investment platform Pitchbook. A 2021 Citizen Lab report described it as part of Intellexa, although the exact nature of the relationship between the two companies is “murky at best.”

Intellexa was formed as a sort of “Star Alliance of Spyware” to compete with NSO Group, according to the Citizen Lab report. Its founder, Tal Dilian, is a former Israeli intelligence officer and entrepreneur.

Cytrox software was used to hack into the phones of an exiled Egyptian politician and a prominent Egyptian news reporter. The report found that one of the two victims’ phones was simultaneously infected with the NSO Group’s Pegasus software and Cytrox’s own spyware, which is called Predator.

“The targeting of a single individual with both Pegasus and Predator underscores that the practice of hacking civil society transcends any specific mercenary spyware company,” according to Citizen Lab. “Instead, it is a pattern that we expect will persist as long as autocratic governments are able to obtain sophisticated hacking technology.”

The report’s authors identified an IP address from Saudi Arabia as a possible Predator customer. This, taken together with media reports to the effect that Saudi Arabia cut off NSO Group as a client, “may be an indication that Saudi Arabia has switched from Pegasus to Predator,” the report said.

The White House has previously stated that foreign governments have used spyware to maliciously target U.S. personnel. After the March executive order, officials said that 50 U.S. government workers appear to or were confirmed to have been hacked by commercial malware tools.

The action also comes on the heels of a pledge made by the U.S. and allied nations in March to develop and implement measures aimed at countering commercial spyware abuses.

Related posts

Intel Mac Running Slow After Updating to Sonoma? Check Out These Fixes

newsconquest

The Best Horror Movies to Stream on Max

newsconquest

Justice Dept. Said to Conduct New Interviews in Inquiry Into Google’s Ad Tech

newsconquest