Sanctioned and exposed, Predator spyware maker group has gone awfully quiet | CyberScoop<\/title> <meta name=\"description\" content=\"Sanctions, newspaper investigations and reports exposing the Intellexa alliance\u2019s infrastructure all might have led to its diminished state.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/sanctioned-and-exposed-predator-spyware-maker-group-has-gone-awfully-quiet\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Sanctioned and exposed, Predator spyware maker group has gone awfully quiet\"> <meta property=\"og:description\" content=\"Sanctions, newspaper investigations and reports exposing the Intellexa alliance\u2019s infrastructure all might have led to its diminished state.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/sanctioned-and-exposed-predator-spyware-maker-group-has-gone-awfully-quiet\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2024-07-01T10:00:00+00:00\"> <meta property=\"article:modified_time\" content=\"2024-06-28T20:37:58+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/sanctioned-and-exposed-predator-spyware-maker-group-has-gone-awfully-quiet-2.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1277\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Tim Starks\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@timstarks\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1719250562g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1719360210g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1716385020g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=74528d75ce0daeb8628a\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/80876\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.5.5\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=80876\">\n<link rel=\"alternate\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fsanctioned-and-exposed-predator-spyware-maker-group-has-gone-awfully-quiet%2F\">\n<link rel=\"alternate\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fsanctioned-and-exposed-predator-spyware-maker-group-has-gone-awfully-quiet%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-80876 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/sanctioned-and-exposed-predator-spyware-maker-group-has-gone-awfully-quiet\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"24.805653710247\">\n<div class=\"single-article__header-content\" readability=\"30.980694980695\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/news\/cybersecurity\/\"> <span>Cybersecurity<\/span> <\/a> <\/li>\n<\/ul>\n<p> Sanctions, newspaper investigations and reports exposing the Intellexa alliance\u2019s infrastructure all might have led to its diminished state. <\/p>\n<\/p><\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/sanctioned-and-exposed-predator-spyware-maker-group-has-gone-awfully-quiet.jpg?resize=640%2C426&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/sanctioned-and-exposed-predator-spyware-maker-group-has-gone-awfully-quiet-2.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/sanctioned-and-exposed-predator-spyware-maker-group-has-gone-awfully-quiet-2.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/sanctioned-and-exposed-predator-spyware-maker-group-has-gone-awfully-quiet-2.jpg?resize=768,511 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/sanctioned-and-exposed-predator-spyware-maker-group-has-gone-awfully-quiet-2.jpg?resize=1024,681 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/sanctioned-and-exposed-predator-spyware-maker-group-has-gone-awfully-quiet-2.jpg?resize=1536,1022 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/sanctioned-and-exposed-predator-spyware-maker-group-has-gone-awfully-quiet-2.jpg?resize=600,399 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/sanctioned-and-exposed-predator-spyware-maker-group-has-gone-awfully-quiet-2.jpg?resize=253,168 253w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/sanctioned-and-exposed-predator-spyware-maker-group-has-gone-awfully-quiet-2.jpg?resize=507,337 507w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/sanctioned-and-exposed-predator-spyware-maker-group-has-gone-awfully-quiet-2.jpg?resize=1015,675 1015w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/sanctioned-and-exposed-predator-spyware-maker-group-has-gone-awfully-quiet-2.jpg?resize=1267,843 1267w\" sizes=\"(max-width: 1015px) 100vw, 1015px\"><figcaption> David Wall\/Getty Images <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"80.656720290607\"><body readability=\"163.22144903807\"><\/p>\n<p>The group behind the Predator spyware has become far less visible in its operations in recent months, a development that researchers say likely indicates that sanctions and exposure have dented the firm\u2019s operations. <\/p>\n<p>The Predator spyware is operated by a corporate entity known as the Intellexa alliance, and the Predator tool has been linked repeatedly to the surveillance of journalists, members of civil society and opposition politicians. The company\u2019s operations have been extensively documented by investigative journalists and researchers, and the Biden administration has sanctioned the firm. <\/p>\n<p>Now, researchers tracking the firm say that they have observed a decline in activity from the Intellexa alliance, including a sharp decrease in the registration of new domains, dating back to last fall and continuing into the spring. <\/p>\n<p>At the same time, researchers caution that it is difficult to determine whether the spyware outfit has become less active or just figured out a way to retool and avoid scrutiny.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Cl\u00e9ment Lecigne, a researcher with Google\u2019s Threat Analysis Group, said his firm has good visibility on Intellexa, and while they continue to see some activity from the spyware maker, it has decreased following the imposition of sanctions and a series of embarrassing exposures. \u201cThey are probably struggling to get back into shape where they used to be,\u201d he said, while cautioning that \u201cthey are not completely gone.\u201d<\/p>\n<p>\u201cThe sanctions definitely caused a bit of harm on their side, both on the customer side \u2014 like they might have lost a few customers because of that \u2014 but also on the partnership with other companies that they used to work with, like, for example, for acquiring exploits,\u201d Lecigne said.<\/p>\n<p>The rapid proliferation of spyware and their increasing use of coveted and highly damaging \u201czero-day\u201d vulnerabilities has made cracking down on the industry a priority for tech companies and the U.S. government, which has marshaled the support of <a href=\"https:\/\/www.state.gov\/joint-statement-on-efforts-to-counter-the-proliferation-and-misuse-of-commercial-spyware\">a growing number of states<\/a> to counter spyware proliferation. Intellexa\u2019s fading operations may indicate that these efforts are having an impact on a key player in the spyware ecosystem. <\/p>\n<p>A senior Biden administration official speaking on condition of anonymity told CyberScoop that \u201cthe constellation of actions that have been undertaken by both the U.S. government, as well as outside groups, has had an impact on the commercial spyware industry in going after misuse and unethical activity, as well as on Intellexa itself.\u201d<\/p>\n<p>That wave of scrutiny kicked off last summer when the administration <a href=\"https:\/\/cyberscoop.com\/commerce-department-blacklists-spyware-companies\/\">placed Intellexa on its trade blacklist<\/a>. It continued in September when Google and the University of Toronto\u2019s Citizen Lab said that Predator spyware had <a href=\"https:\/\/www.washingtonpost.com\/investigations\/2023\/09\/23\/predator-egypt-hack-spyware-iphone\/\">targeted a prominent challenger to Egyptian President Abdel Fattah el-Sisi<\/a>, prompting Apple to launch a security update in response to a previously unknown, or zero-day, vulnerability.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Weeks later, in October, a media consortium <a href=\"https:\/\/www.washingtonpost.com\/politics\/2023\/10\/06\/meet-predator-files-latest-investigative-project-looking-into-spyware\/\">published \u201cThe Predator Files,\u201d<\/a> which revealed Intellexa alliance surveillance products in use around the globe, including attempts by the Vietnamese government to <a href=\"https:\/\/www.washingtonpost.com\/politics\/2023\/10\/10\/trail-predator-spyware-leads-targets-congress\/\">eavesdrop on members of the U.S. Congress<\/a>.<\/p>\n<p>Then in March, shortly after <a href=\"https:\/\/cyberscoop.com\/predator-spyware-endures-after-exposure\/\">reports that exposed Intellexa<\/a> rebuilding its infrastructure in the aftermath of \u201cThe Predator Files,\u201d <a href=\"https:\/\/cyberscoop.com\/predator-spyware-infrastructure-taken-down\/\">researchers saw evidence<\/a> that it had taken down that infrastructure. Finally, in that same month, the Biden administration <a href=\"https:\/\/cyberscoop.com\/predator-intellexa-cytrox-sanctions\/\">expanded its sanctions<\/a> against Intellexa to include additional people and entities associated with the alliance.<\/p>\n<p>Since that March stretch, \u201cwe can see that there\u2019s still some activity, but far, far less than before,\u201d said Julian-Ferdinand V\u00f6gele, a threat analyst with Recorded Future\u2019s Insikt Group, which had worked to expose Intellexa\u2019s infrastructure during that time. The firm has subsequently seen Predator delivery servers drop from a peak of around 80 to near-zero.<\/p>\n<p>Amnesty International began to see a decline in Intellexa activity around October when \u201cThe Predator Files\u201d were published and Predator\u2019s use in Egypt was revealed, said Donncha \u00d3 Cearbhaill, head of the security lab at Amnesty Tech. <\/p>\n<p>Past exposure of spyware operations have seen companies take down and then reconstitute their operations. Following <a href=\"https:\/\/www.amnesty.org\/en\/latest\/research\/2018\/08\/amnesty-international-among-targets-of-nso-powered-campaign\/\">a report on NSO Group in 2018<\/a>, for instance, the firm shut down exposed servers within hours, and it took two months for them to start bringing back up new infrastructure at scale, \u00d3 Cearbhaill said. \u201cThis is a pattern we have seen with quite a few other mercenary spyware companies as they try to rebuild after exposure,\u201d he said. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Some have questioned the extent of the potential impact from sanctions. \u201cWe don\u2019t know how the sanctions are affecting their business operations,\u201d \u00d3 Cearbhaill said. It\u2019s unclear, for example, how much the U.S. sanctions will affect the firm\u2019s ability to pay salaries in European countries where they are based.<\/p>\n<p>Commercial spyware groups are now <a href=\"https:\/\/cyberscoop.com\/spyware-zero-days-2023\/\">the most prolific users of zero-day vulnerabilities<\/a>, and that may impede the ability of researchers to understand the impact of sanctions and exposure. \u201cWe believe that Intellexa are still active, but we don\u2019t know whether they have zero-day exploits for the latest Android and iOS versions,\u201d \u00d3 Cearbhaill said.<\/p>\n<p>The reputational harm of exposure and high-profile sanctions may be contributing to the decline in observed Intellexa activity. Customers may shy away from being associated with a company getting negative attention, and exposures raise questions about the stealthiness of its products. Potential customers will be asking questions like,\u201cHow is it possible that you help us with spying on people, but you\u2019re not even able to evade detections?\u2019\u201d V\u00f6gele said.<\/p>\n<p>Sanctions can also pose a recruiting challenge for spyware outfits, if potential hires are worried about being put on a list and barred from sending their kids to the United States for education, V\u00f6gele said. <\/p>\n<p>The senior administration official said that the intent of placing Intellexa on the trade blacklist, also known as the \u201centity list,\u201d was to cut them off from U.S. goods and services. The follow-up sanctions also barred them from the U.S. financial system, the official said. Additional action against the commercial spyware industry in general \u2014 such as <a href=\"https:\/\/www.state.gov\/growing-coalition-of-governments-join-the-u-s-in-countering-the-proliferation-and-misuse-of-commercial-spyware\/#:~:text=The%20Joint%20Statement%20collectively%20affirms,of%20this%20sophisticated%20surveillance%20technology.\">enlisting other nations in a pledge<\/a> to fight spyware misuse, and <a href=\"https:\/\/www.state.gov\/promoting-accountability-for-the-misuse-of-commercial-spyware\/\">visa restrictions against 13 unnamed individuals<\/a> \u2014 has further hampered spyware vendors, particularly in Europe, the base of Intellexa\u2019s operations, according to the official.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cWhen you take that all together, it has had, in our view, considerable impact,\u201d the official said.<\/p>\n<p>The senior administration official acknowledged the opaque nature of spyware vendors. \u201cIt is also true that this is an industry where there are actors who are acting unethically that have sought to obscure their corporate practices, and try to essentially prevent transparency about their client base and their activities,\u201d the official said.<\/p>\n<p>Tal Dilian, the Israeli businessman behind Intellexa, and his ex-wife and business partner who is also said to be linked to Intellexa, did not respond to requests for comment.<\/p>\n<p><em>AJ Vicens contributed reporting to this story.<\/em><\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\">\n<div class=\"author-card\" readability=\"7.7216117216117\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/07\/sanctioned-and-exposed-predator-spyware-maker-group-has-gone-awfully-quiet-1.jpg?w=640&ssl=1\" alt=\"Tim Starks\"> <\/figure>\n<\/p><\/div>\n<div class=\"author-card__details\" readability=\"10.901098901099\">\n<h4 class=\"author-card__name\">Written by Tim Starks<\/h4>\n<p> Tim Starks is senior reporter at CyberScoop. His previous stops include working at The Washington Post, POLITICO and Congressional Quarterly. An Evansville, Ind. native, he’s covered cybersecurity since 2003. Email Tim here: <a href=\"mailto:tim.starks@cyberscoop.com\">tim.starks@cyberscoop.com<\/a>. <\/div>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Geopolitics<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/sanctioned-and-exposed-predator-spyware-maker-group-has-gone-awfully-quiet\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Sanctioned and exposed, Predator spyware maker group has gone awfully<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[622,78,302,387,117,1629,1469,1630,268,2015,1271,482,310,288],"tags":[627,86,306,391,119,1632,1471,1633,274,2017,1274,484,311,294],"class_list":["post-4263","post","type-post","status-publish","format-standard","hentry","category-biden-administration","category-cybersecurity","category-geopolitics","category-google","category-government","category-intellexa","category-nso-group","category-predator","category-privacy","category-recorded-future","category-sanctions","category-spyware","category-technology","category-threats","tag-biden-administration","tag-cybersecurity","tag-geopolitics","tag-google","tag-government","tag-intellexa","tag-nso-group","tag-predator","tag-privacy","tag-recorded-future","tag-sanctions","tag-spyware","tag-technology","tag-threats"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/biden-administration\/\" rel=\"category tag\">Biden administration<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/geopolitics\/\" rel=\"category tag\">Geopolitics<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/google\/\" rel=\"category tag\">Google<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/government\/\" rel=\"category tag\">Government<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/intellexa\/\" rel=\"category tag\">Intellexa<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/nso-group\/\" rel=\"category tag\">NSO Group<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/predator\/\" rel=\"category tag\">Predator<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/privacy\/\" rel=\"category tag\">Privacy<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/recorded-future\/\" rel=\"category tag\">Recorded Future<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/sanctions\/\" rel=\"category tag\">sanctions<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/spyware\/\" rel=\"category tag\">spyware<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/technology\/\" rel=\"category tag\">Technology<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threats\/\" rel=\"category tag\">Threats<\/a>","tag_info":"Threats","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/4263","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=4263"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/4263\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=4263"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=4263"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=4263"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":4263,"date":"2024-07-01T05:00:00","date_gmt":"2024-07-01T10:00:00","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=80876"},"modified":"2024-07-01T05:00:00","modified_gmt":"2024-07-01T10:00:00","slug":"sanctioned-and-exposed-predator-spyware-maker-group-has-gone-awfully-quiet","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/07\/01\/sanctioned-and-exposed-predator-spyware-maker-group-has-gone-awfully-quiet\/","title":{"rendered":"Sanctioned and exposed, Predator spyware maker group has gone awfully quiet"},"content":{"rendered":"