Macedonian company Cytrox AD has been placed on the sanctions list by the US Treasury Department’s Office of Foreign Assets Control (OFAC) for its role in the development, operation and distribution of spyware technology used to spy on US officials, reports The Geopost.
This Skopje-based company was previously on the sanctions list of the US Department of Commerce’s Bureau of Industry and Security due to attempts to access information systems and threats to the privacy and security of individuals and organizations worldwide.
The U.S. Treasury Department states that Cytrox AD is a North Macedonia-based company within the Intellexa consortium and serves as the developer of the consortium’s Predator espionage program.
The companies “Intelexa SA” from Greece, “Intelexa Limited” and “Talestris Limited” from Ireland and “Sytrox Holding ZRT” from Hungary were also sanctioned. Tal Jonathan Dilian, founder of the Intelexa consortium, and Sara Alexandra Faisal Hamou, a specialist in offshore companies, are also on the sanctions list.
“Today’s actions represent a concrete step forward in stopping the misuse of commercial surveillance tools that increasingly pose a security risk to the United States and our citizens,” said Brian E. Nelson, Under Secretary of the Treasury for Terrorism and Financial Intelligence. “The United States remains focused on establishing clear safeguards for the development and responsible use of these technologies while ensuring the protection of human rights and civil liberties of individuals around the world.”
According to the US Treasury Department, since its inception in 2019, the Intellexa consortium has acted as a marketing brand for a variety of cyberattack companies that provide commercial spyware and surveillance tools to enable targeted and mass surveillance campaigns. These tools are grouped as a suite of tools under the brand name Predator, which can infiltrate a variety of electronic devices through zero-click attacks that require no user interaction in order for spyware to infect the device. Once a device is infected with Predator, the spyware can be used for various information theft and surveillance purposes – including unauthorized data extraction, location tracking and access to a variety of applications and personal information on the compromised device.
In addition, the Predator spyware has been used by foreign actors to secretly spy on U.S. government officials, journalists and policy experts. If successfully infected by Predator, spyware operators can access and retrieve sensitive information, including contacts, call logs and message information, microphone recordings and other material from the device.
The U.S. Department of the Treasury announces that as a result of this decision, all assets of the sanctioned companies and individuals based in the United States will be frozen and must be reported to OFAC. In addition, any entity that is owned directly or indirectly, individually or in the aggregate, 50 percent or more by one or more sanctioned persons will be blocked.
/The Geopost