Cytrox

Last updated

Cytrox
Founded2017
Key people
Ivo Malinkovski (CEO)
OwnerTal Dilian
Subsidiaries Cytrox Holdings Zrt (Hungary)
Cytrox AD (North Macedonia)
Balinese Ltd. (Israel)
Peterbald Ltd. (Israel)

Cytrox is a company established in 2017 that makes malware used for cyberattacks and covert surveillance. Its Predator spyware was used to target Egyptian politician Ayman Nour in 2021 and to spy on 92 phones belonging to businessmen, journalists, politicians, government ministers and their associates in Greece. In 2023, the U.S. Department of Commerce added the Cytrox companies Cytrox AD in North Macedonia, and Cytrox Holdings Zrt in Hungary to its Entity List and on March 5, 2024, the U.S. Department of Treasury imposed sanctions upon Cytrox AD of North Macedonia and the Intellexa Consortium, which is the parent firm of Cytrox AD, "for trafficking in cyber exploits used to gain access to information systems, threatening the privacy and security of individuals and organizations worldwide." [1] [2] [3]

Contents

History

Cytrox was established in 2017, reportedly as a startup in North Macedonia and received initial funding from Israel Aerospace Industries. [4] Its Crunchbase article describes it as providing an "operational cyber solution" to governments, including gathering information from devices and cloud services. [5] Cytrox's CEO is Ivo Malinkovski. [5] [6] A review of corporate registry documents by the University of Toronto's Citizen Lab indicated that Cytrox has a presence in Israel and Hungary. [5]

In 2019, Forbes reported that Cytrox was rescued by Tal Dilian, a former commander of the Israel Defense Forces (IDF), who acquired the company for under $5 million. [7] Dilian served in the IDF for 25 years prior to his departure, following accusations that he had unlawfully enriched himself. [8] Dilian demonstrated the company's surveillance kit to Forbes by hacking into a Huawei device and obtaining its WhatsApp messages without clicks from the victim. [7] [8]

The Citizen Lab said in 2021 that Cytrox was part of an alliance known as Intellexa, which it called "a marketing label for a range of mercenary surveillance vendors that emerged in 2019." [5] [9] Dilian founded the Intellexa Group in 2018; the Intellexa Alliance combines the Intellexa Group and Nexa, a group of surveillance companies that operates mainly in France. [10]

In December 2021, Meta Platforms announced that Cytrox and six other surveillance-for-hire groups had been banned from using its platforms to target other users, in response to the Citizen Lab's findings about Cytrox's Predator spyware being used to target two Egyptian dissidents in June. Meta also announced it had removed over 1,500 Facebook and Instagram accounts associated with the seven companies, which it said were used to conduct social engineering, reconnaissance and sending malicious links to victims in over 100 countries. [11] [6]

In July 2023, the U.S. Department of Commerce added the Cytrox companies Cytrox AD in North Macedonia, and Cytrox Holdings Zrt in Hungary to its Entity List, after determining that they posed a threat to the U.S.'s national security and foreign policy interests. [12] [13] [14] [15]

Predator

Predator is spyware developed by Cytrox that targets the Android and iOS operating systems. [9] In May 2022, researchers at Google's Threat Analysis Group (TAG) reported that Predator bundled five zero-day exploits in one package and sold it to several government-backed actors, who used it in three separate campaigns. According to the researchers, Predator worked closely with a component named Alien, which "lives inside multiple privileged processes and receives commands from Predator." [16] [9]

An analysis of the spyware conducted by Cisco Talos in May 2023 revealed that the spyware's Alien component actively implements the low-level functionality required by Predator to surveil its targets, instead of merely acting as a loader for Predator as was previously understood. In Talos's sample, Alien exploited five vulnerabilities, four of which affected Google Chrome and the last of which affected Linux and Android, to infect the targeted devices. [17] [9] After infecting a device, Predator has full access to its microphone, camera and user data such as contacts and text messages. [18] [19] Additionally, Predator has access to a device's location services and messaging apps such as WhatsApp, Telegram and Signal. It also allows hackers to intercept and falsify messages. [19]

An October 2023 investigation conducted by news organisations led by the European Investigative Collaborations network, known as the Predator Files, found that Predator has been sold to at least 25 countries, including Austria, Germany, Switzerland, the Democratic Republic of the Congo, Jordan, Kenya, Oman, Pakistan, Qatar, Singapore, the United Arab Emirates and Vietnam. [18] Reportedly it was also sold to the Rapid Support Forces in the Sudan. [20] [21]

In March 2024, a number of individuals and legal entities associated with the Intellexa Consortium were named by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) for their involvement in the development, operation and distribution of commercial spyware. According to OFAC, the Intellexa Consortium was acting as a marketing label for numerous malicious cyber companies, enabling targeted and mass surveillance through the provision of commercial spyware and surveillance tools packaged in the Predator spyware suite. [22]

In September 2024, the U.S. Treasury announced five further sanctions targets, including senior executives and associates at Intellexa. The targets of the sanctions are alleged to have been involved in the sale of "Predator" to authoritarian governments: [23]
– Felix Bitzios, the owner of an Intellexa consortium company alleged to have sold Predator to an unnamed foreign government;
– Merom Harpaz and Panagiota Karaoli, named by the Treasury as senior Intellexa executives;
– Andrea Nicola Constantino Hermes Gambazzi, who according to the Treasury processed transactions for companies within the Intellexa consortium;
– Aliada Group, a company based in the British Virgin Islands and a member of the Intellexa group, alleged to have enabled tens of millions of dollars in transactions for the consortium.

High-profile targets

Egypt

In December 2021, the Citizen Lab reported that Predator was used to hack the devices of two individuals, Egyptian opposition politician Ayman Nour and an unnamed exiled journalist, in June. [5] [6] [9] As a result, Apple was forced to release a software update for iOS to close the zero-day exploits used to perform the attack. [24]

In September 2023, researchers at the Citizen Lab and the TAG reported that Egyptian opposition politician Ahmed Tantawi was targeted using Predator after announcing his presidential bid. The Citizen Lab said the effort likely failed due to Tantawi having his phone in "lockdown mode", which is recommended by Apple for iPhone users at high risk. [25] [26] [27] It also said it had "high confidence" that the attack was conducted by the Egyptian government. [26] Apple subsequently issued security updates to patch the vulnerabilities exploited by Predator. [26] [27]

Greece

During the 2022 Greek wiretapping scandal, it was revealed that Predator was being used to surveil several politicians (including opposition politician Nikos Androulakis) and journalists, with the Greek government reportedly being implicated in buying and utilising Predator. [28] [29] The Greek government admitted to spying on journalist Thanasis Koukakis, but denied using Predator or maintaining any association with Intellexa. [30] In October 2022, Koukakis sued Intellexa and its executive for breach of privacy. [31] [30]

In March 2023, The New York Times reported that Artemis Seaford, a dual U.S.-Greek national and former security policy manager at Meta, had her phone infected with Predator while in Greece. [32] [33]

In July 2023, the investigation team of the Hellenic Data Protection Authority announced that it had found 220 text messages containing a link polluted with Predator, that had been sent to 92 telephone numbers in order to turn them into spying devices. The news website Inside Story published the content of many of them, [34] [35] which had been sent mostly in 2021. Their recipients included many politicians, ministers and their associates, including associates of the Prime Minister (e.g. Dimitris Avramopoulos, Giorgos Patoulis, Giorgos Gerapetritis, Kostis Hatzidakis, Thanos Plevris, Michalis Chrysochoidis, Adonis Georgiadis, Nikos Dendias, Christos Spirtzis), businessmen (e.g. Theodoros Karipidis  [ el ]), journalists, EYP cadres, at least one bishop and the editor of the newspaper Kathimerini , Alexis Papachelas. These names had been included in a list of persons alleged to have been spied upon by EYP and Predator, which had been published in November 2022 by the Documento newspaper. [35]

United States

In October 2023, various American lawmakers were targeted by Vietnam using Predator, including Representative Michael McCaul (R-TX) and Senators John Hoeven (R-ND), Chris Murphy (D-CT) and Gary Peters (D-MI). [36] Experts on Asia at various think tanks and several journalists, including CNN's lead national security reporter Jim Sciutto, were also targeted. [37]

Sanctions

United States Secretary of State Antony Blinken in a family photo with Commercial Spyware Joint Statement Signatories in Seoul, Republic of Korea on March 18, 2024 United States Secretary of State Antony Blinken participates in a family photo with Commercial Spyware Joint Statement Signatories in Seoul, Republic of Korea on March 18, 2024.jpg
United States Secretary of State Antony Blinken in a family photo with Commercial Spyware Joint Statement Signatories in Seoul, Republic of Korea on March 18, 2024

On March 5, 2024, the United States Department of Treasury's Office of Foreign Assets Control (OFAC) imposed sanctions against five entities and two individuals it described as key enablers of the Intellexa Consortium and Predator spyware by placing them on OFAC's Specially Designated Nationals (SDN) List: [3] [38]

See also

Notes

  1. Tal Dilian served in the Israeli Defense Forces (IDF) as an intelligence officer attaining the rank of general. He had an estimated wealth of more the $12 billion in August 2019. He uses Cyprus as his base for his surveillance activities. [7] [38] [39] [40]
  2. Sara Aleksandra Fayssal Hamou was born in Warsaw to a Polish mother and Lebanese father, attended law school in England, joined Trident Trust in December 2008, is closely associated with DJC Accountants of Cyprus and allegedly established numerous entities in support of Tal Dilian's interests using Cyprus as a hub. Trident Trust allegedly supports members of the inner circle of Vladimir Putin. Sara Hamou is the ex-wife of Tal Dilian and his business partner and is an attorney based in Cyprus that allegedly has implemented numerous surveillance projects in Asia, Africa, the Middle East and Europe. [38] [40] [41]

Related Research Articles

<span class="mw-page-title-main">Cybercrime</span> Type of crime based in computer networks

Cybercrime encompasses a wide range of criminal activities that are carried out using digital devices and/or networks. These crimes involve the use of technology to commit fraud, identity theft, data breaches, computer viruses, scams, and expanded upon in other malicious acts. Cybercriminals exploit vulnerabilities in computer systems and networks to gain unauthorized access, steal sensitive information, disrupt services, and cause financial or reputational harm to individuals, organizations, and governments.

<span class="mw-page-title-main">Citizen Lab</span> Digital research center at the University of Toronto

The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs at the University of Toronto, Canada. It was founded by Ronald Deibert in 2001. The laboratory studies information controls that impact the openness and security of the Internet and that pose threats to human rights. The organization uses a "mixed methods" approach which combines computer-generated interrogation, data mining, and analysis with intensive field research, qualitative social science, and legal and policy analysis methods. The organization has played a major role in providing technical support to journalists investigating the use of NSO Group's Pegasus spyware on journalists, politicians and human rights advocates.

A zero-day is a vulnerability in software or hardware that is typically unknown to the vendor and for which no patch or other fix is available. The vendor thus has zero days to prepare a patch, as the vulnerability has already been described or exploited.

Cyberwarfare by Russia includes denial of service attacks, hacker attacks, dissemination of disinformation and propaganda, participation of state-sponsored teams in political blogs, internet surveillance using SORM technology, persecution of cyber-dissidents and other active measures. According to investigative journalist Andrei Soldatov, some of these activities were coordinated by the Russian signals intelligence, which was part of the FSB and formerly a part of the 16th KGB department. An analysis by the Defense Intelligence Agency in 2017 outlines Russia's view of "Information Countermeasures" or IPb as "strategically decisive and critically important to control its domestic populace and influence adversary states", dividing 'Information Countermeasures' into two categories of "Informational-Technical" and "Informational-Psychological" groups. The former encompasses network operations relating to defense, attack, and exploitation and the latter to "attempts to change people's behavior or beliefs in favor of Russian governmental objectives."

<span class="mw-page-title-main">Kaspersky Lab</span> Russian multinational cybersecurity and anti-virus provider

Kaspersky Lab is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia, and operated by a holding company in the United Kingdom. It was founded in 1997 by Eugene Kaspersky, Natalya Kaspersky and Alexey De-Monderik. Kaspersky Lab develops and sells antivirus, internet security, password management, endpoint security, and other cybersecurity products and services.

An advanced persistent threat (APT) is a stealthy threat actor, typically a state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period. In recent times, the term may also refer to non-state-sponsored groups conducting large-scale targeted intrusions for specific goals.

Cyberwarfare by China is the aggregate of cyberattacks attributed to the organs of the People's Republic of China and various related advanced persistent threat (APT) groups.

<span class="mw-page-title-main">FinFisher</span> Surveillance software

FinFisher, also known as FinSpy, is surveillance software marketed by Lench IT Solutions plc, which markets the spyware through law enforcement channels.

<span class="mw-page-title-main">Tailored Access Operations</span> Unit of the U.S. National Security Agency

The Office of Tailored Access Operations (TAO), now Computer Network Operations, and structured as S32, is a cyber-warfare intelligence-gathering unit of the National Security Agency (NSA). It has been active since at least 1998, possibly 1997, but was not named or structured as TAO until "the last days of 2000," according to General Michael Hayden.

Hacking Team was a Milan-based information technology company that sold offensive intrusion and surveillance capabilities to governments, law enforcement agencies and corporations. Its "Remote Control Systems" enable governments and corporations to monitor the communications of internet users, decipher their encrypted files and emails, record Skype and other Voice over IP communications, and remotely activate microphones and camera on target computers. The company has been criticized for providing these capabilities to governments with poor human rights records, though HackingTeam states that they have the ability to disable their software if it is used unethically. The Italian government has restricted their licence to do business with countries outside Europe.

Cyberwarfare is a part of the Iranian government's "soft war" military strategy. Being both a victim and wager of cyberwarfare, Iran is considered an emerging military power in the field. Since November 2010, an organization called "The Cyber Defense Command" has been operating in Iran under the supervision of the country's "Passive Civil Defense Organization" which is itself a subdivision of the Joint Staff of Iranian Armed Forces.

The cyber-arms industry are the markets and associated events surrounding the sale of software exploits, zero-days, cyberweaponry, surveillance technologies, and related tools for perpetrating cyberattacks. The term may extend to both grey and black markets online and offline.

<span class="mw-page-title-main">NSO Group</span> Israeli cyber-espionage and malware firm

NSO Group Technologies is an Israeli cyber-intelligence firm primarily known for its proprietary spyware Pegasus, which is capable of remote zero-click surveillance of smartphones. It employed almost 500 people as of 2017.

Pegasus is a spyware developed by the Israeli cyber-arms company NSO Group that is designed to be covertly and remotely installed on mobile phones running iOS and Android. While NSO Group markets Pegasus as a product for fighting crime and terrorism, governments around the world have routinely used the spyware to surveil journalists, lawyers, political dissidents, and human rights activists. The sale of Pegasus licenses to foreign governments must be approved by the Israeli Ministry of Defense.

DarkMatter Group is a computer security company founded in the United Arab Emirates (UAE) in 2014 or 2015. The company has described itself as a purely defensive company, however in 2016, it became a contractor for Project Raven, to help the UAE surveil other governments, militants, and human rights activists. It has employed former U.S. intelligence operatives and graduates of the Israel Defense Force technology units.

The Entity List is a trade restriction list published by the United States Department of Commerce's Bureau of Industry and Security (BIS), consisting of certain foreign persons, entities, or governments. It is published as Supplement 4 of Part 744 of the Code of Federal Regulations. Entities on the Entity List are subject to U.S. license requirements for the export or transfer of specified items, such as some U.S. technologies. However, U.S. persons or companies are not prohibited from purchasing items from a company on the Entity List. Being included on the Entity List is less severe than being designated a "denied person" and more severe than being placed on the Unverified List (UVL).

Candiru is a private Tel Aviv-based company founded in 2014 which provides spyware and cyber-espionage services to government clients. Its management and investors overlap significantly with that of NSO Group. Its operations began being uncovered in 2019 by researchers at CitizenLab, Kaspersky, ESET. Microsoft refers to the company's cyber-espionage operations as "Caramel Tsunami/SOURGUM" while Kaspersky refers to it as "SandCat"

FORCEDENTRY, also capitalized as ForcedEntry, is a security exploit allegedly developed by NSO Group to deploy their Pegasus spyware. It enables the "zero-click" exploit that is prevalent in iOS 13 and below, but also compromises recent safeguards set by Apple's "BlastDoor" in iOS 14 and later. In September 2021, Apple released new versions of its operating systems for multiple device families containing a fix for the vulnerability.

Tal Dilian is a Colonel in reserves in the Israel Defense Forces (IDF) who served as Chief Commander of the army’s secret technology unit. He is the founder of Intellexa, a spyware supplying company, implicated in the 2022 Greek surveillance scandal.

The 2022 Greek surveillance scandal, sometimes called Predatorgate or Greek Watergate, refers to the prolonged and en masse monitoring of individuals prominent in the Greek political scene, along with multiple public persons, including the president of the social democratic party, PASOK, Nikos Androulakis, the journalists Thanassis Koukakis and Stavros Michaloudis, as well as members of the government and close affiliates of Kyriakos Mitsotakis, among others, via the Greek National Intelligence Service (EYP) or the Predator spyware.

References

  1. "Commerce Adds Four Entities to Entity List for Trafficking in Cyber Exploits". Bureau of Industry and Security of the United States Department of Commerce (bis.doc.gov). 18 July 2023. Archived from the original on 7 March 2024. Retrieved 6 March 2024.
  2. Benjakob, Omer. "U.S. Blacklists Israeli-owned Cyber Arms Firms". Haaretz. Archived from the original on 2 August 2023. Retrieved 1 October 2023.
  3. 1 2 "Treasury Sanctions Members of the Intellexa Commercial Spyware Consortium". United States Department of the Treasury (treasury.gov). 5 March 2024. Archived from the original on 7 March 2024. Retrieved 7 March 2024.
  4. Benjakob, Omer. "How Israel Invested in Spyware at Heart of Greek Scandal, EU Inquiry". Haaretz. Archived from the original on 19 July 2023. Retrieved 1 October 2023.
  5. 1 2 3 4 5 Marczak, Bill; Scott-Railton, John; Razzak, Bahr Abdul; Al-Jizawi, Noura; Anstis, Siena; Berdan, Kristin; Deibert, Ron (16 December 2021). Pegasus vs. Predator: Dissident's Doubly-Infected iPhone Reveals Cytrox Mercenary Spyware (Report). University of Toronto. Archived from the original on 25 September 2023. Retrieved 25 September 2023.
  6. 1 2 3 Whittaker, Zack (16 December 2021). "A new spyware-for-hire, Predator, caught hacking phones of politicians and journalists". TechCrunch . Archived from the original on 25 September 2023. Retrieved 25 September 2023.
  7. 1 2 3 Brewster, Thomas (5 August 2019). "A Multimillionaire Surveillance Dealer Steps Out Of The Shadows... And His $9 Million WhatsApp Hacking Van". Forbes. Archived from the original on 25 September 2023. Retrieved 25 September 2023.
  8. 1 2 Becker, Sven; Buschmann, Rafael; Hoppenstedt, Max; Naber, Nicola; Rosenbach, Marcel (5 October 2023). "The Predator Files: European Spyware Consortium Supplied Despots and Dictators". Der Spiegel . ISSN   2195-1349. Archived from the original on 11 October 2023. Retrieved 11 October 2023.
  9. 1 2 3 4 5 Goodin, Dan (26 May 2023). "Inner workings revealed for "Predator," the Android malware that exploited 5 0-days". Ars Technica . Archived from the original on 25 September 2023. Retrieved 25 September 2023.
  10. Starks, Tim (6 October 2023). "Analysis | Meet the 'Predator Files,' the latest investigative project looking into spyware". Washington Post. ISSN   0190-8286 . Retrieved 6 October 2023.
  11. Agranovich, David; Dvilyanski, Mike (16 December 2021). "Taking Action Against the Surveillance-For-Hire Industry". Meta. Archived from the original on 24 September 2023. Retrieved 25 September 2023.
  12. DiMolfetta, David; Gregg, Aaron (18 July 2023). "U.S. blacklists spyware companies, citing security threats". Washington Post. ISSN   0190-8286. Archived from the original on 21 July 2023. Retrieved 23 September 2023.
  13. Paganini, Pierluigi (19 July 2023). "US Gov adds surveillance firms Cytrox and Intellexa to Entity List for trafficking in cyber exploits". Security Affairs. Archived from the original on 30 September 2023. Retrieved 23 September 2023.
  14. "The United States Adds Foreign Companies to Entity List for Malicious Cyber Activities". United States Department of State. Archived from the original on 23 September 2023. Retrieved 23 September 2023.
  15. "Commerce Department's Bureau of Industry and Security (BIS) added four entities, Intellexa S.A. in Greece, Cytrox Holdings Zrt in Hungary, Intellexa Limited in Ireland, and Cytrox AD in North Macedonia to the Entity List for trafficking in cyber exploits used to gain access to information systems, threatening the privacy and security of individuals and organizations worldwide". Archived from the original on 6 April 2024. Retrieved 6 April 2024.
  16. Lecigne, Clement; Resell, Christian (19 May 2022). "Protecting Android users from 0-Day attacks". Google. Archived from the original on 26 September 2023. Retrieved 26 September 2023.
  17. "Mercenary mayhem: A technical analysis of Intellexa's PREDATOR spyware". Cisco Talos . 25 May 2023. Archived from the original on 26 September 2023. Retrieved 26 September 2023.
  18. 1 2 "Global: 'Predator Files' spyware scandal reveals brazen targeting of civil society, politicians and officials". Amnesty International . 9 October 2023. Archived from the original on 12 October 2023. Retrieved 11 October 2023.
  19. 1 2 Jikhareva, Anna; Jirát, Jan; Kormann, Judith; Naegeli, Lorenz; Surber, Kaspar (4 October 2023). "Permanente Überwachung: Der Spion in der Hosentasche" [Permanent Surveillance: The Spy in your Pocket]. WOZ Die Wochenzeitung (in German). Archived from the original on 3 January 2024. Retrieved 6 October 2023.
  20. Schat, Julien (1 December 2022). "Europäische Überwachungsexporte: Intellexa beliefert sudanesische Paramilitärs". netzpolitik.org (in German). Retrieved 15 June 2024.
  21. "Flight of the Predator". Lighthouse Reports. Retrieved 15 June 2024.
  22. https://home.treasury.gov/news/press-releases/jy2155
  23. https://techcrunch.com/2024/09/16/us-government-expands-sanctions-against-spyware-maker-intellexa
  24. "iOS Exploits Traced to Israeli 'Predator' Spyware Used on Egyptian Politician". PCMag UK. 22 September 2023. Archived from the original on 23 September 2023. Retrieved 23 September 2023.
  25. Attalah, Lina (14 September 2023). "Aspiring presidential candidate Ahmed Tantawi targeted by Predator spyware". Mada Masr . Archived from the original on 4 October 2023. Retrieved 22 September 2023.
  26. 1 2 3 Bajak, Frank (23 September 2023). "Leading Egyptian opposition politician targeted with spyware, researchers find". Associated Press . Archived from the original on 26 September 2023. Retrieved 26 September 2023.
  27. 1 2 "Leading Egyptian opposition presidential candidate targeted by spyware". Al Jazeera . 24 September 2023. Archived from the original on 5 October 2023. Retrieved 26 September 2023.
  28. Stamouli, Nektaria (5 November 2022). "Greece's spyware scandal expands further". Politico . Archived from the original on 27 September 2023. Retrieved 26 September 2023.
  29. Lavelle, Moira (17 November 2022). "Reporters dig up more links between Greek government and spyware". Al Jazeera . Archived from the original on 27 September 2023. Retrieved 26 September 2023.
  30. 1 2 Ropek, Lucas (6 October 2022). "Journalist Sues Spyware Company for Allegedly Helping Gov. Surveil Him". Gizmodo . Archived from the original on 27 April 2023. Retrieved 27 April 2023.
  31. Benjakob, Omer (6 October 2022). "Criminal Allegations Against Israeli-linked Spyware, Ex-intel Commander in Greek Hacking Scandal". Haaretz . Archived from the original on 2 August 2023. Retrieved 27 September 2023.
  32. Stevis-Gridneff, Matina (20 March 2023). "Meta Manager Was Hacked With Spyware and Wiretapped in Greece". The New York Times. ISSN   0362-4331. Archived from the original on 22 September 2023. Retrieved 27 September 2023.
  33. Roth, Emma (21 March 2023). "Meta security manager was reportedly hacked by Greek intelligence agency". The Verge . Archived from the original on 6 June 2023. Retrieved 27 September 2023.
  34. Γιάννης Σουλιώτης (28 July 2023). "Παρακολουθήσεις: Τα 92 πρόσωπα που δέχθηκαν επίθεση Predator". Η Καθημερινή . Archived from the original on 17 August 2023. Retrieved 17 August 2023.
  35. 1 2 Ελίζα Τριανταφύλλου, Τάσος Τέλλογλου (27 July 2023). "Predatorgate: Τι έγραφαν τα SMS-παγίδα που έλαβαν επιχειρηματίες, υπουργοί και δημοσιογράφοι". Inside Story. Archived from the original on 17 August 2023. Retrieved 17 August 2023.
  36. Shapero, Julia (9 October 2023). "Vietnam agents tried to plant spyware on phones of US lawmakers and journalists: probe". The Hill . Archived from the original on 10 October 2023. Retrieved 9 October 2023.
  37. Greenberg, Andy (14 October 2023). "The US Congress Was Targeted With Predator Spyware". Wired . ISSN   1059-1028. Archived from the original on 15 October 2023. Retrieved 15 October 2023.
  38. 1 2 3 Kenner, David (15 November 2023). "The spy, the lawyer and their global surveillance empire: How an Israeli cyber-surveillance kingpin and his attorney ex-wife exploited Cypriot loopholes to build one of the world's most notorious spyware firms". ICIJ. Archived from the original on 7 March 2024. Retrieved 7 March 2024.
  39. Mazzetti, Mark (18 July 2023). "U.S. Blacklists Two Spyware Firms Run by an Israeli Former General: The moves by the Commerce Department against the Europe-based firms is the latest effort to rein in a spyware industry that has spiraled out of control in recent years". New York Times. Archived from the original on 18 July 2023. Retrieved 7 March 2024.
  40. 1 2 Kenner, David; Sampson, Eve (6 March 2024). "Spyware firm Intellexa hit with US sanctions after Cyprus Confidential exposé: The U.S. Treasury sanctioned the cyber-surveillance group and two of its key leaders, Tal Dilian and Sara Hamou, for proliferating spyware use around the world". ICIJ. Archived from the original on 7 March 2024. Retrieved 7 March 2024.
  41. "Trident Trust". ICIJ. October 2022. Archived from the original on 27 October 2022. Retrieved 7 March 2024.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.