27 people spied on, journalists, political figures from several countries and even academics, and 23 institutions targeted between February 2020 and June 2023. Here is the worrying count – and at a minimum – of the misdeeds of the Predator spyware recently revealed by the non-governmental organization Amnesty International.
According to the Mediapart website, a French MEP was thus targeted, the president of the “Fisheries” committee of the European Parliament Pierre Karleskind. While traces of spyware in the Malagasy presidential campaign and against an Egyptian personality were also spotted respectively by the company Sekoia.io and Citizen Lab.
Traces of infection
The highly intrusive Predator spyware allows full access to the targeted phone’s data, from contacts to photos and videos. Google and Apple had also reported a few weeks ago that they had corrected the chains of vulnerabilities exploited by the spyware. His activity has also just been dissected in an investigation by the European Investigative Collaborations (EIC) network, an investigative work based on hundreds of confidential documents obtained by Mediapart and Der Spiegel.
Because Predator cannot settle down without an action from its target, which made it possible to spot traces. It is therefore not “zero-click” spyware capable of very discreetly infecting a phone.
Amnesty International’s specialized service on digital espionage, the Security Lab, thus succeeded in finding one of the infection vectors, propagated on X (formerly Twitter) by an Internet user whose nickname was “Joseph_Gordon16”. The latter had placed malicious links to Predator in his publications, the tweets appearing to falsely refer, for example, to a news site or to an article from a think-tank.
Sold in 25 countries
Amnesty International’s analyzes of the technical infrastructure of Predator spyware suggest significant dissemination of this spyware. It would have been active in Angola, Egypt, Mongolia, Kazakhstan, Indonesia, Madagascar, and Sudan, for example. A sulphurous commercial success to be credited to European companies.
This spyware, supposed to be used to fight organized crime and terrorism, was in fact designed by the Macedonian company Cytrox. Marketed by the Intellexa consortium of companies in at least 25 countries, it was also reportedly sold to a Vietnam security service. This would explain the targeting of some of the victims, active in the field of fishing, an important industry of this communist dictatorship in South-East Asia.
This sale for 5.6 million euros called “AnglerFish” would also have been facilitated, reports Mediapart, by the sulphurous company Nexa Technologies. Formerly known as Amesys, this company is suspected of having supplied Egypt with an internet traffic interception system called Cerebro. The directors of these two companies were prosecuted after selling electronic surveillance tools to the Libyan regime of Muhammar Gaddafi.
“Unbridled deployment”
This example “shows overwhelmingly that Member States and EU institutions have failed to prevent the unbridled deployment of these surveillance products”, deplores Agnès Callamard, Secretary General of Amnesty International.
And this “despite investigations such as that which focused on the Pegasus project in 2021”, this spyware whose use against many French personalities had caused a scandal, she adds.
Intellexa, placed on the US Commerce Department’s blacklist, “must cease the production and marketing of Predator and any other intrusive spyware”, the non-governmental organization also demands. Which calls for the establishment of “technical guarantees” to allow the legal use of this type of surveillance products within a regulatory framework that respects human rights.