The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Tuesday removed three individuals associated with the Intellexa Consortium, the holding company for the commercial spyware known as “Predator,” from its list of Specially Designated Nationals.
The names of the individuals are:
Merom Harpas Andrea Nicola Constantino Hermes Gambazzi Sara Alexandra Faisal Hamou
Hamou was sanctioned by OFAC in March 2024, and Harpaz and Gambazzi were targeted in September 2024 in connection with the development, operation, and distribution of Predator. At this time, it is unclear why it was removed from the list.
Mr Harpas is said to be working as a manager for Interexa SA, while Mr Gambazzi has been identified as the owner of Talestris Limited and Interexa Limited. The Treasury Department said Talestris held the rights to distribute spyware and processed transactions on behalf of other entities within the Intellexa Consortium. It is also the parent company of Intellexa SA.
Mr Hamou is listed by the Ministry of Finance as one of the key promoters of the Intellexa consortium and works as a corporate offshoring expert responsible for providing management services such as renting office space in Greece on behalf of Intellexa SA. It is unclear whether these individuals still hold the same positions.
At the time, the agency said the prevalence of commercial spyware posed a growing security risk to the United States and its citizens. They called for the need to establish guardrails to ensure the responsible development and use of these technologies, while balancing individual human rights and civil liberties.
“A hasty decision to lift sanctions against individuals involved in attacks on American persons or interests risks sending a signal to bad actors that this action may have little consequence if they pay a sufficient amount.” [money] It’s for flashy lobbyists,” said Natalia Krapiva, senior technology legal counsel at Access Now.
This comes just weeks after an Amnesty International report revealed that a human rights lawyer in Pakistan’s Balochistan province was targeted in a Predator attack via WhatsApp messages.
Predator, which has been active since at least 2019, is designed to be stealthy and collect sensitive data from infected devices while leaving little to no evidence of compromise. Typically delivered via a one-click or zero-click attack vector.
Like NSO Group’s Pegasus, this tool is officially marketed to counter-terrorism and law enforcement agencies. However, the investigation revealed a broader pattern of this attack on civil society figures, including journalists, activists, and politicians.
A Record Future investigation published this month found that the use of Predator continues despite increased public coverage and international action.
“Several key trends are shaping the spyware ecosystem, including increasing fragmentation as companies split along geopolitical lines, with some sanctioned companies seeking new legitimacy through acquisitions while others move to areas with less oversight,” the Mastercard company said in a statement.
“Furthermore, increased competition and secrecy surrounding high-value exploit technology increases the risk of corruption, internal information leaks, and attacks on spyware vendors themselves.”
Source link
