U.S. sanctions maker of Predator spyware 

The Biden administration sanctions individuals and entities behind the commercial surveillance tool implicated in human rights abuses.
A 12-year-old boy looks at an iPhone screen on December 19, 2023 in Bath, England. (Photo by Matt Cardy/Getty Images)

The U.S. Treasury Department on Tuesday sanctioned the makers of the notorious Predator spyware, a move that marks an escalation in the Biden administration’s attempts to counter the proliferation and misuse of commercial spyware. 

The entities sanctioned by the U.S. government include two executives and five corporate entities in what is known as the Intellexa Consortium — a business vehicle responsible for developing and marketing the Predator spyware.

Brian E. Nelson, the Treasury Department’s top sanctions official, said in a statement that the sanctions aim to discourage the misuse of commercial surveillance tools that “increasingly present a security risk to the United States and our citizens.”

Researchers have identified Predator being used in a range of human rights abuses, including the targeting of dissidents, journalists and political officials, but the tool is only one of a growing number in a rapidly expanding spyware industry selling highly intrusive surveillance capabilities. According to the Treasury Department, Predator has been implicated in the targeting of American government officials, journalists and policy experts.


Industry officials argue their tools are essential to combat criminal and terrorist groups relying on encrypted communications tools, but the failure to limit their use to such contexts has led officials in Washington to seek ways to force the industry to adopt better guardrails. 

A senior administration official speaking to reporters on condition of anonymity ahead of the sanctions’ announcement said companies in the spyware industry face two paths, one in which they “implement safeguards to ensure responsible use of their tools” and another in which “there are consequences for those vendors that flout safeguards and seek to profit on continued misuse of their tools.”

According to the senior administration official, the move against Intellexa represents an escalation of U.S. efforts to combat spyware misuse. The Biden administration has previously added spyware companies, including Israel’s notorious NSO Group, to the Commerce Department’s Entity List, which bans U.S. firms from certain transactions with listed firms. But Tuesday’s sanctions marks the first time the Treasury Department has levied financial sanctions against firms and individuals in the spyware industry, the official said. 

The sanctions target Tal Jonathan Dilian, a retired Israeli military officer who is the founder of the Intellexa Consortium, and Sara Aleksandra Fayssal Hamou, whom the Treasury Department describes as a “a corporate off-shoring specialist who has provided managerial services to the Intellexa Consortium.” 

Efforts to reach Dilian and Hamou for comment on Tuesday were unsuccessful. 


The five corporate entities sanctioned Tuesday include firms operating in Greece, Hungary, Ireland and North Macedonia under the names Intellexa, Cytrox and Thalestris Limited. The official noted that these firms’ corporate registrations in Europe highlight the role played by firms on the continent in enabling human rights abuses. Cytrox and Intellexa were added to the Commerce Department’s Entity List last year.

Human rights researchers and technology firms have called on officials in Europe to take a stronger line against European commercial spyware firms implicated in human rights abuses. 

John Scott-Railton, a researcher at the University of Toronto’s Citizen Lab who has written extensively about the spyware industry, applauded the move, describing the sanctions as a “thunder clap” that will have a “rolling and chilling effect throughout the industry.” 

According to Scott-Railton, Tuesday’s sanctions also illustrate the divide between how Europe and the United States have sought to curb abuses in the spyware industry. European corporate entities have been deeply implicated in abuses linked to Predator, and despite having sanctions power, European officials have declined to move against these firms. “Europe’s inaction is deeply puzzling,” Scott-Railton said. 

Tuesday’s sanctions come on the heels of a report last week that detailed the technical infrastructure used by Predator. After a pair of reports revealed how Intellexa had rebuilt its technical infrastructure after an earlier exposure last year, the firm dismantled its infrastructure over the weekend. 


AJ Vicens contributed reporting to this article. 

Elias Groll

Written by Elias Groll

Elias Groll is a senior editor at CyberScoop. He has previously worked as a reporter and editor at Foreign Policy, covering technology and national security, and at the Brookings Institution, where he was the managing editor of TechStream and worked as part of the AI and Emerging Technology Initiative. He is a graduate of Harvard University, where he was the managing editor of The Harvard Crimson.

Latest Podcasts