The recent discovery of new equipment tied to Predator spyware implies that the surveillance technology is still finding new customers, despite the fact that its backers have faced rounds of US sanctions since July 2023.
In a research published earlier this week, researchers at Insikt Group claim to have linked the sophisticated spyware to operators in Mozambique for the first time. According to Insikt, Mozambique is one of many African countries where the spyware has arrived, with the continent accounting for more than half of all known Predator users.
A further discovery in the investigation reveals "the first technical connection made between Predator infrastructure and corporate entities associated with the Intellexa Consortium," according to Insikt, referring to the organisation believed to be supporting Predator. Intellexa was among the entities sanctioned by the United States.
The revelation is the result of an Insikt investigation into entities tied to Dvir Horef Hazan, a Czech bistro owner, entrepreneur, and programmer who a Czech news site claims worked for Intellexa. A Greek law enforcement investigation into the possible Predator targeting of journalist Thanasis Koukakis further claimed that Intellexa transferred about €3 million (around $3.5 million) to Hazan and his enterprises.
The specifics of Hazan's alleged work for Intellexa are unclear, but Insikt claims it discovered a link between Predator's multi-tiered infrastructure and a Czech business indirectly linked to Hazan.
According to the researchers, Predator's basic infrastructure has remained mostly unchanged, although there is evidence that operators have developed the spyware to make it more difficult to detect on a device.
Insikt's recent findings reflect prior allegations indicating that Predator activities persisted following the US government's measures in July 2023.
Initially, the Commerce Department placed Intellexa and a subsidiary unit, Cytrox, on the Entity List, which limits how companies conduct business with the United States and tarnish their reputation. Then, in 2024, federal agencies acted twice to ban Predator-related organisations.