Operations of the Intellexa Alliance behind the Predator spyware were noted by cybersecurity experts to have significantly dwindled in the months following sanctions imposed by the Biden administration and other crackdown efforts exposing its infrastructure, reports CyberScoop.
"The sanctions definitely caused a bit of harm on their side, both on the customer side — like they might have lost a few customers because of that — but also on the partnership with other companies that they used to work with, like, for example, for acquiring exploits," said Google Threat Analysis Group researcher Clement Lecigne, who noted that Intellexa activity persists despite the operator experiencing challenges in restoring its infrastructure.
Similar observations have been shared by Recorded Future Insikt Group's Julian-Ferdinand Vogele and Amnesty Tech's Donncha O Cearbhaill, with the latter expressing uncertainty over Intellexa's access to the latest Android and iOS zero-day exploits. O Cearbhaill also raised concerns about how U.S. sanctions are financially impacting Intellexa, which primarily operates in Europe.
