
Predator Spyware Targeting in Pakistan Exposed Through WhatsApp Link, Amnesty Report Reveals

A human rights attorney from Pakistan’s Balochistan region was recently sent a suspicious WhatsApp link from an unidentified number—an incident that Amnesty International says marks the first known targeting of a civil society actor in the country with Intellexa’s Predator spyware.

According to Amnesty, the URL displayed clear indicators of a "Predator attack attempt based on the technical behaviour of the infection server, and on specific characteristics of the one-time infection link which were consistent with previously observed Predator 1-click links." Pakistan has rejected the accusations, stating "there is not an iota of truth in it."

These revelations stem from a collaborative investigation involving Haaretz (Israel), Inside Story (Greece), and Inside IT (Switzerland). The findings are based on leaked company documents, internal communications, marketing materials, and training videos.

Intellexa, known for developing the mercenary spyware Predator, offers an advanced surveillance tool similar to NSO Group’s Pegasus. The product can clandestinely extract sensitive data from Android and iOS devices. Internal leaks indicate that Predator has also been branded under names such as Helios, Nova, Green Arrow, and Red Arrow.

To deploy the spyware, attackers commonly rely on malicious links sent through communication platforms. These links exploit undisclosed vulnerabilities through zero-click or one-click methods. If the intended target taps the link, a browser exploit in Google Chrome (Android) or Apple Safari (iOS) initiates access to the device, enabling the download of the main payload.

Google’s Threat Intelligence Group (GTIG) linked Intellexa to multiple zero-day exploits—either developed internally or purchased externally—including:
  • CVE-2025-48543 – Android Runtime UAF
  • CVE-2025-6554 – V8 Type Confusion (Chrome)
  • CVE-2023-41993 – WebKit JIT RCE
  • CVE-2023-41992 – Kernel IPC UAF
  • CVE-2023-41991 – Certificate validation bypass (Apple Security)
  • CVE-2024-4610 – Use-after-free in Arm GPU drivers
  • Several other historic V8 and Chrome vulnerabilities

In 2023, an iOS exploit chain deployed against individuals in Egypt combined CVE-2023-41993 with a framework called JSKit to run native code. GTIG noted the same exploit was used in a watering-hole attack linked to Russian state-backed hackers targeting Mongolian government websites, implying possible third-party supply of the exploits.

Google explained that "the JSKit framework is well maintained, supports a wide range of iOS versions, and is modular enough to support different Pointer Authentication Code (PAC) bypasses and code execution techniques." It can manually load and run Mach-O binaries directly from memory.

Once CVE-2023-41993 is abused, the attack escalates through CVE-2023-41991 and CVE-2023-41992 to escape Safari’s sandbox. This paves the way for a third-stage module known as PREYHUNTER. PREYHUNTER consists of:
  • Watcher: Monitors device behavior, ensuring the exploit remains undetected
  • Helper: Interfaces via a Unix socket to deploy hooks for keylogging, VoIP recording, and camera access

Intellexa also maintains a dedicated framework for exploiting Chrome’s V8 vulnerabilities, including CVE-2021-38003, CVE-2023-2033, CVE-2023-3079, CVE-2023-4762, and CVE-2025-6554, the last of which was reportedly used in Saudi Arabia in June 2025.

Once active on a device, Predator can extract data from messaging apps, calls, emails, location records, passwords, and screenshots. It can also activate the microphone for ambient audio recording and capture photos using the camera. All collected data is sent to servers inside the customer’s country.

Intellexa and several executives were sanctioned by the United States last year for creating and distributing the spyware, which authorities said undermines civil rights. Yet Predator infrastructure remains active in over a dozen countries, primarily in Africa, according to a June 2025 report by Recorded Future’s Insikt Group.

One of the most alarming disclosures is that Intellexa employees allegedly retained the ability to remotely access Predator systems hosted by its clients—including government installations—via TeamViewer.

Amnesty's Jurre van Bergen warned: "The fact that, at least in some cases, Intellexa appears to have retained the capability to remotely access Predator customer logs – allowing company staff to see details of surveillance operations and targeted individuals raises questions about its own human rights due diligence processes."

He added that if a spyware vendor is directly involved in operations, "it could potentially leave them open to claims of liability in cases of misuse and if any human rights abuses are caused by the use of spyware."

The report also outlines how Intellexa uses several delivery techniques that do not require targets to click malicious links. These include tools such as Triton (disclosed in 2023), Thor, and Oberon, along with remote delivery strategies that rely on internet or mobile networks.

Its three major strategic vectors include:
  • Mars and Jupiter – Network injection tools that require cooperation from ISPs or mobile operators to perform adversary-in-the-middle (AitM) attacks, injecting into unencrypted HTTP traffic or intercepted domestic HTTPS traffic.
  • Aladdin – A zero-click technique that abuses mobile advertising by delivering a malicious ad that triggers infection automatically.

Amnesty noted: "The Aladdin system infects the target's phone by forcing a malicious advertisement created by the attacker to be shown on the target's phone."
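The network-injection vector described above depends, in its simplest form, on the target's browser or app making a plaintext HTTP request that an on-path party can answer with a crafted response. A practical defender-side check is therefore whether the sites and services a user relies on ever allow such a request: an `http://` URL, or an HTTPS origin without a strong Strict-Transport-Security policy, leaves a window for injection. The script below is an added example written for this post; it is not code from Amnesty, Google, Recorded Future or Intellexa, and the URLs and headers it audits are constructed. It parses HSTS headers and reports the conditions under which a first or downgraded request could still go out in the clear (it does not address the separate case of intercepted domestic HTTPS traffic, which HSTS cannot prevent).

```python
"""Audit URLs and their HTTPS response headers for exposure to plaintext
HTTP injection.  Added example for this post; not from any report it cites.
All sample inputs below are constructed."""
from dataclasses import dataclass
from urllib.parse import urlsplit

ONE_YEAR = 31_536_000  # seconds; the usual minimum max-age for HSTS preload lists


@dataclass
class HstsPolicy:
    present: bool
    max_age: int = 0
    include_subdomains: bool = False
    preload: bool = False


def parse_hsts(headers: dict) -> HstsPolicy:
    """Parse a Strict-Transport-Security header into its directives."""
    # Header names are case-insensitive, so match regardless of capitalisation.
    value = next((v for k, v in headers.items()
                  if k.lower() == "strict-transport-security"), None)
    if value is None:
        return HstsPolicy(present=False)
    policy = HstsPolicy(present=True)
    for directive in value.split(";"):
        name, _, arg = directive.strip().partition("=")
        name = name.strip().lower()
        if name == "max-age":
            try:
                policy.max_age = int(arg.strip().strip('"'))
            except ValueError:
                policy.max_age = 0  # malformed max-age offers no guarantee
        elif name == "includesubdomains":
            policy.include_subdomains = True
        elif name == "preload":
            policy.preload = True
    return policy


def assess(url: str, headers: dict) -> list:
    """Return findings for one URL plus the headers its HTTPS origin returns.
    An empty list means no plaintext-injection window was found."""
    findings = []
    if urlsplit(url).scheme == "http":
        findings.append("plaintext HTTP: an on-path injector can rewrite this response")
    policy = parse_hsts(headers)
    if not policy.present:
        findings.append("no HSTS: the first request after a fresh install or cache clear may be plaintext")
    else:
        if policy.max_age < ONE_YEAR:
            findings.append(f"HSTS max-age {policy.max_age}s is below one year")
        if not policy.include_subdomains:
            findings.append("HSTS lacks includeSubDomains: subdomains can still be reached over HTTP")
        if not policy.preload:
            findings.append("HSTS not marked for preload: the very first visit is unprotected")
    return findings


# Constructed sample: (URL the user would open, headers its HTTPS origin returns).
SAMPLE = [
    ("http://news.example/article", {}),
    ("https://bank.example/login",
     {"Strict-Transport-Security": "max-age=63072000; includeSubDomains; preload"}),
    ("https://shop.example/", {"strict-transport-security": "max-age=300"}),
]


def audit(samples=SAMPLE) -> dict:
    """Map each sample URL to its list of findings."""
    return {url: assess(url, hdrs) for url, hdrs in samples}


if __name__ == "__main__":
    for url, findings in audit().items():
        print(url, "->", findings or ["ok"])
```

Run against real sites by substituting the headers returned by an HTTPS `HEAD` request for each origin; the check is deliberately offline here so the logic can be read in isolation.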

Google confirmed it collaborated with partners to identify companies linked to Intellexa that operated within the ad ecosystem and to shut down those accounts.

Recorded Future separately identified two companies—Pulse Advertise and MorningStar TEC—suspected of managing ads tied to the Aladdin vector. The same report observed ongoing Predator infrastructure communication associated with customers in Saudi Arabia, Kazakhstan, Angola, and Mongolia.

Meanwhile, communication from Predator systems in Botswana, Trinidad and Tobago, and Egypt stopped around mid-2025. Recorded Future noted this could mean those governments ended their use of Predator—or alternatively shifted to new servers or infrastructure.