Google’s Threat Analysis Group and The Citizen Lab discovered a 0-day exploit chain developed by Intellexa in Egypt, installing Predator spyware on iPhones and Android devices. Apple and Chrome have released patches, and emphasize user vigilance and enabling security features.
Google’s Threat Analysis Group (TAG), with The Citizen Lab, uncovered a 0-day exploit chain for iPhones in Egypt, developed by Intellexa. This exploit chain installs Predator spyware on devices. In response, Apple promptly released patches, urging users to update their devices for enhanced protection. The exploit chain was delivered through a “man-in-the-middle” attack that redirected users to an Intellexa site and didn’t require user interaction.
The exploit chain for iOS included three vulnerabilities, leading to the installation of the Predator implant. Google plans a technical deep dive on these exploits, in line with its vulnerability disclosure policy. Intellexa also had an exploit chain for Android devices, delivered in two ways, exploiting a vulnerability that was patched on September 5th. Chrome has been working towards universal HTTPS adoption and has an “HTTPS-First Mode” to protect against such attacks.
This incident highlights the risks posed by the proliferation of commercial surveillance vendors. It underscores the need for vigilance and timely action against the commercial spyware industry. Users are encouraged to update their devices and enable security features to protect against potential threats.
This campaign exemplifies the abuses and risks from commercial surveillance vendors like Intellexa, an Irish company producing the controversial Predator spyware. Intellexa has been blacklisted by US authorities since late 2019 for engaging in activities threatening global privacy and security. The software can covertly take control of a mobile phone’s microphone and camera, turning it into a spying device. The blacklisting prohibits US businesses from engaging in certain trade activities with the company, citing threats to privacy and security worldwide.