US blacklists two spyware companies run by a former Israeli general

The Biden administration added two European-based hacking firms controlled by a former Israeli general to the Commerce Department’s blacklist on Tuesday, in its latest effort to try to rein in a spyware industry that has spiraled out of control in recent years.

The two companies, Intellexa and Cytrox, are at the center of a political scandal in Greece, with government officials accused of using their hacking tools against journalists and political opponents.

Under the terms of the blacklist, US companies are largely prohibited from doing business with the designated companies, a move intended to starve them of the US technology — such as servers and cloud storage — that they need to continue operations. In November 2021, the White House blacklisted the Israeli company NSO Group, the most well-known supplier of hacking tools.

Both Intellexa and Cytrox are controlled by Tal Dilian, a former general in Israeli military intelligence who was forced to retire from the Israel Defense Forces in 2003 after an internal investigation raised suspicions of his involvement in mismanagement of funds, according to three former senior officials. Officers in the Israeli army.

He eventually moved to Cyprus, an island nation of the European Union that has become a favorite destination in recent years for surveillance firms and cyberintelligence experts.

Greek authorities launched an investigation last year into the use of Intellexa’s main hacking tool, Predator, by the country’s spy agency. A separate investigation was launched after a New York Times report revealed that Greece had authorized the export of the Predator to at least one African country, Madagascar.

Predator was mainly used against local politicians and journalists, but the Times investigation found that the spyware had also been used against an American citizen who was working at the time as director of Meta while a Greek spy agency was eavesdropping on her.

Like the more famous Pegasus, made by NSO, Predator spyware can hack into cellphones, extract videos, photos, and emails, and it can turn phones into surveillance devices to spy on its users.

Europe has shown a limited appetite for accountability over the use of Predator and other tools, even as investigations begin into how the spyware was allowed to be spread domestically and exported to countries including Sudan and Madagascar.

The immediate impact of Mr. Dillian’s decision to blacklist companies is unclear, especially if he was able to circumvent US restrictions by purchasing critical technology from other countries.

Unlike NSO, which is based in Israel, Mr. Dillian’s companies are not subject to Israeli regulations, and the former general has been able to exploit the scandals surrounding NSO Pegasus abuses to his advantage. When the Israeli government began limiting the number of countries NSO could sell its products to, Mr. Dillian filled the void by selling his competing spyware to those countries.

Mr. Dillian enters and leaves Israel at will, and his team members have been aggressive in trying to recruit top hackers from Israel-based companies. A large number of hacking experts in Israel have recently received job offers for Mr. Dillian’s companies, according to four people in the Israeli internet industry.

Earlier this year, the White House issued an executive order restricting federal agencies from using spying tools that governments have abused to spy on dissidents, human rights activists, and journalists. Days later, a group of countries signed the Summit for Democracy on common message Declaring their commitment to curb abuse of hacking tools.

It is not a blanket ban. For example, the White House has authorized the Drug Enforcement Administration to use another Israeli spy product—known as graphite—in its operations against drug traffickers.

Even as Western governments became increasingly concerned about the dangers of commercial spyware, hacking tools continued to proliferate. A senior administration official told reporters Monday that one of the goals of the decision to blacklist hacking firms was to scare away potential investors who might expect profits in the industry.

Ronen Bergman Contributing reporting from Tel Aviv, W Matina Steves Gridnev From Brussels and Athens.