US levies more sanctions on members of global spyware vendor nexus

The Treasury Department sanctioned five people tied to a major global commercial spyware distribution market, on grounds that they developed and distributed electronic spying tools that pose threats to U.S. national security.

The sanctions announced Monday target members of the Intellexa Consortium, a confederation of firms known for crafting and selling advanced surveillance tools to private companies and sovereign nations. The entity is often marketed under the brand name Predator, the same name as a flagship spyware product offered by Cytrox, which has corporate presence in Israel, Hungary and North Macedonia.

Outside the consortium, Intellexa has operated as its own firm and is based in Greece. It was blacklisted alongside Cytrox by the U.S. last year. Greek national Felix Bitzios, who reportedly had a major investment stake in Intellexa despite the firm being added to that U.S. restriction list, was among those targeted in Monday’s sanctions.

Bitzios is described by Treasury as “the beneficial owner of an Intellexa Consortium company that was used to supply Predator spyware to a foreign government client.” The government was not named. Artemis Artemiou, a general manager and board member of Cytrox’s holding company, a member of the consortium and, according to Treasury, an Intellexa employee, was also sanctioned.

The Aliada Group, a British Virgin Islands entity linked to the consortium, was also sanctioned for its role in facilitating financial transactions totaling tens of millions of dollars for the spyware-producing organization, Treasury said.

The State Department in February greenlit a policy that would allow the U.S. to impose visa restrictions on individuals linked to commercial spyware abuses. In early March, it unveiled the first iteration of those financial holds, hitting Intellexa and its leaders. That included Tal Dilian, a former Israeli intelligence officer who helped found the consortium and has been a central figure in the global spying tools market.

Spyware — software programs surreptitiously planted on victims’ devices to surveil their movements and capture private communications — has been deployed extensively by governments against journalists, politicians and dissidents around the world. It’s also fueled spying and espionage scandals involving private companies.

U.S. officials, including those working abroad for State, have previously been targeted by the technology. High-profile lawmakers who lead foreign affairs and national security efforts in Congress have also been put in the crosshairs of the cyber surveillance technologies.

President Joe Biden last year signed a sweeping executive order that prohibits federal agencies from using commercial spyware tools in ways that enable human rights abuses or compromise national security. 

But the U.S. has still reportedly struck covert deals with spyware vendors, including Israel-based NSO Group — known for its Pegasus spyware — which was sanctioned in 2021. The FBI in 2022 confirmed that it had tested the Pegasus offering for use in criminal investigations, though it claimed the license was only used for testing and wasn’t applied in a real scenario.

At least 74 nations have contracted with with spyware providers, according to an analysis released last year from the Carnegie Endowment for International Peace think tank based in Washington.

Kremlin-backed cyber operatives likely targeted a slew of Mongolian government websites using exploits that mirrored those deployed by commercial spyware vendors like NSO and Intellexa, according to a report issued last month from Google’s Threat Analysis Group.

Spyware development is largely backed by the private sector. Google findings released earlier this year shows industrial spyware vendors have made lucrative business selling their products to governments. In March, the White House convened investors for the first time to warn them about the national security implications of financing spyware ventures. Those investors made voluntary commitments to “guide investments in ways that promote the values of free and open societies,” according to the State Department.

State is aiming to add more nations to a U.S.-led pact focused on deterring global spyware abuses by the end of the year, Nextgov/FCW reported in March.