• Sat. Aug 26th, 2023

From Allies to Blacklisted: Intellexa & Cytrox

Aug 26, 2023
From Allies to Blacklisted: Intellexa & Cytrox
Esme Greene
Latest posts by Esme Greene (see all)

The Biden administration has placed Intellexa and Cytrox on the “list of entities,” severely limiting US business relations with them. The decision was made due to worries about the groups’ potential impact on US foreign and national security policies. Notably, both companies have a track record for creating spyware.

Biden is still fighting to curtail the abuse and growth of cyber espionage. In March, he issued an executive order prohibiting and forbidding the use of spyware by US government agencies, particularly in cases where it may be used to snoop on internal affairs.

Jamal Khashoggi’s wife, a slain Saudi Arabia  journalist, had spyware from the NSO Group planted on her phone, it was discovered last year. Pegasus seems to have been superseded in Saudi with Predator Cytrox.

Spyware Alliance Exposed: Intellexa and Cytrox’s Murky Connections

According to the Citizen Lab 2021 research, Intellexa once had plans to forge a potent “cyber espionage alliance” to rival NSO Group. Former Israeli intelligence officer and entrepreneur Tal Dilian founded the enterprise.

The article highlights Cytrox, a 2017 business associated with Intellexa, even if their connection is yet undetermined. Notably, Ayman Nour, a prominent Egyptian politician and reporter, had his phones infected with the Cytrox virus. Cytrox and the NSO Group Pegasus virus were both active on Nour’s phone at the same time.

Citizen Lab states that the simultaneous use of Pegasus and Predator on a single target shows how civilian hacking extends beyond specific spyware providers. As long as totalitarian countries possess advanced cyber capabilities, this practice will undoubtedly continue.

Concerns about foreign nations deploying malware to assault US business workers have already been voiced by the White House. According to a March executive order, around 50 US federal employees may have been affected by commercial cyber tools.