Predator Spyware Campaign Resurfaces With a New Infrastructure

 

The latest discovery of new Predator spyware-related infrastructure suggests that the surveillance technology is still finding new clients, despite US penalties imposed on its backers since July 2023.

In a report published earlier this month, analysts at Insikt Group claimed to have traced the sophisticated malware to operators in Mozambique for the first time. According to Insikt, Mozambique is one of many African countries where the spyware has spread, with the continent home to more than half of all known Predator users.

According to Insikt, a new discovery in the probe revealed "the first technical connection made between Predator infrastructure and corporate entities associated with the Intellexa Consortium," referring to the group believed to be backing Predator. The United States sanctioned several entities, including Intellexa.

The disclosure stems from an Insikt investigation into entities associated with Dvir Horef Hazan, a Czech bistro owner, entrepreneur, and programmer who, according to a Czech news source, worked for Intellexa. A Greek law enforcement investigation into the alleged Predator targeting of journalist Thanasis Koukakis revealed that Intellexa moved over €3 million (around $3.5 million) to Hazan and his businesses. 

The details of Hazan's alleged work for Intellexa are unclear, but Insikt claims to have identified a link between Predator's multi-tiered architecture and a Czech company that is indirectly tied to Hazan.

The researchers claim that Predator's basic infrastructure has stayed mostly unaltered, although there is evidence that operators have modified the spyware to make it trickier to detect on a device. Insikt's recent data support previous reports that Predator activities continued following the US government's steps in July 2023.

Initially, the Commerce Department placed Intellexa and a subsidiary unit, Cytrox, on the Entity List, which limits how companies conduct business with the United States and tarnishes their reputation. Then, in 2024, federal agencies acted twice to ban Predator-related organisations.

Predator Spyware Activity Resurfaces in Mozambique Using Novel Techniques

 

The recent discovery of new infrastructure tied to Predator spyware implies that the surveillance technology is still finding new customers, despite the fact that its backers have faced rounds of US sanctions since July 2023.

In research published earlier this week, researchers at Insikt Group claim to have linked the sophisticated spyware to operators in Mozambique for the first time. According to Insikt, Mozambique is one of many African countries where the spyware has arrived, with the continent accounting for more than half of all known Predator users.

A further discovery in the investigation reveals "the first technical connection made between Predator infrastructure and corporate entities associated with the Intellexa Consortium," according to Insikt, referring to the organisation believed to be supporting Predator. Intellexa was among the entities sanctioned by the United States.

The revelation is the result of an Insikt investigation into entities tied to Dvir Horef Hazan, a Czech bistro owner, entrepreneur, and programmer who a Czech news site claims worked for Intellexa. A Greek law enforcement investigation into the possible Predator targeting of journalist Thanasis Koukakis further claimed that Intellexa transferred about €3 million (around $3.5 million) to Hazan and his enterprises.

The specifics of Hazan's alleged work for Intellexa are unclear, but Insikt claims it discovered a link between Predator's multi-tiered infrastructure and a Czech business indirectly linked to Hazan. 

According to the researchers, Predator's basic infrastructure has remained mostly unchanged, although there is evidence that operators have developed the spyware to make it more difficult to detect on a device. 

Insikt's recent findings reflect prior allegations indicating that Predator activities persisted following the US government's measures in July 2023. Initially, the Commerce Department placed Intellexa and a subsidiary unit, Cytrox, on the Entity List, which limits how companies conduct business with the United States and tarnishes their reputation. Then, in 2024, federal agencies acted twice to ban Predator-related organisations.