
Leaks show Intellexa burning zero-days to keep Predator spyware running

5 December 2025 at 08:31

Intellexa is a well-known commercial spyware vendor, servicing governments and large corporations. Its main product is the Predator spyware.

An investigation by several independent parties describes Intellexa as one of the most notorious mercenary spyware vendors, still operating its Predator platform and hitting new targets even after being placed on US sanctions lists and being under active investigation in Greece.

The investigation draws on highly sensitive documents and other materials leaked from the company, including internal records, sales and marketing material, and training videos. Amnesty International researchers reviewed the material to verify the evidence.

To me, the most interesting part is Intellexa’s continuous use of zero-days against mobile browsers. Google’s Threat Analysis Group (TAG) posted a blog about that, including a list of 15 unique zero-days.

Intellexa can afford to buy and burn zero-day vulnerabilities. They buy them from hackers and use them until the bugs are discovered and patched–at which point they are “burned” because they no longer work against updated systems.

The price for such vulnerabilities depends on the targeted device or application and the impact of exploitation. For example, you can expect to pay in the range of $100,000 to $300,000 for a robust, weaponized Remote Code Execution (RCE) exploit against Chrome with sandbox bypass suitable for reliable, at-scale deployment in a mercenary spyware platform. And in 2019, zero-day exploit broker Zerodium offered millions for zero-click full-chain exploits with persistence against Android and iPhones.

Which is why only governments and well-resourced organizations can afford to hire Intellexa to spy on the people they’re interested in.

The Google TAG blog states:

“Partnering with our colleagues at CitizenLab in 2023, we captured a full iOS zero-day exploit chain used in the wild against targets in Egypt. Developed by Intellexa, this exploit chain was used to install spyware publicly known as Predator surreptitiously onto a device.”

To slow down the “burn” rate of its exploits, Intellexa delivers one-time links directly to targets through end-to-end encrypted messaging apps. This is a common method: last year we reported how the NSO Group was ordered to hand over the code for Pegasus and other spyware products that were used to spy on WhatsApp users.

The fewer people who see an exploit link, the harder it is for researchers to capture and analyze it. Intellexa also uses malicious ads on third-party platforms to fingerprint visitors and redirect those who match its target profiles to its exploit delivery servers.

This zero-click infection mechanism, dubbed “Aladdin,” is believed to still be operational and actively developed. It leverages the commercial mobile advertising system to deliver malware. That means a malicious ad could appear on any website that serves ads, such as a trusted news website or mobile app, and look completely ordinary. If you’re not in the target group, nothing happens. If you are, simply viewing the ad is enough to trigger the infection on your device, no need to click.

[Image: Zero-click infection chain. Image courtesy of Amnesty International]

How to stay safe

While most of us will probably never have to worry about being in the target group, there are still practical steps you can take:

  • Use an ad blocker. Malwarebytes Browser Guard is a good start. Did I mention it’s a free browser extension that works on Chrome, Firefox, Edge, and Safari? And it should work on most other Chromium-based browsers (I even use it on Comet).
  • Keep your software updated. When it comes to zero-days, updating your software only helps after researchers discover the vulnerabilities. However, once the flaws become public, less sophisticated cybercriminals often start exploiting them, so patching remains essential to block these more common attacks.
  • Use a real-time anti-malware solution on your devices.
  • Don’t open unsolicited messages from unknown senders. Opening them could be enough to start a compromise of your device.

We don’t just report on phone security—we provide it

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.

Leaked Files Expose Intellexa’s Remote Access to Customer Systems and Live Surveillance Ops

5 December 2025 at 04:43


Intellexa staff members connected directly to at least 10 deployed Predator customer systems using TeamViewer commercial remote administration software, a leaked 2023 internal training session revealed. It exposed how the sanctioned mercenary spyware vendor retained privileged access to government surveillance operations including the ability to view live targeting data, infection attempts, and potentially access dashboards containing collected surveillance data from victims.

The "Intellexa Leaks" investigation published jointly by Inside Story, Haaretz, WAV Research Collective, and Amnesty International's Security Lab provides unprecedented visibility into internal operations of a commercial surveillance company whose Predator spyware has been linked to human rights abuses across countries.

The leaked materials, including internal documents, sales and marketing material, and training videos, expose how Intellexa operates despite US Treasury sanctions imposed in March 2024 and extensive public scrutiny from civil society and technology companies.

Direct Access to Ten Customer Systems

The TeamViewer control panel, briefly visible in the leaked training recording, showed at least 10 potential customers identified with code names including Dragon, Eagle, Falcon, Flamingo, Fox, Glen, Lion, Loco, Phoenix, and Rhino, plus one apparent Predator demo system. The visible customers represented only those through the letter F alphabetically, suggesting additional deployments beyond those shown.

Internal Intellexa business records show the company purchased seven TeamViewer licenses in June 2021, indicating remote management of deployed customer Predator systems began at least two years before the video was recorded. Amnesty International's infrastructure mapping in September 2021 found seven likely active Predator customers, consistent with the purchased license count.

When a staff member asked if they were connecting to a testing environment, the instructor stated they were accessing a live "customer environment." The video shows staff initiating remote connections without indication that customers or government end-users reviewed or approved specific connection requests.


Visibility Into Live Targeting Operations

For 30 minutes, the video shows an Intellexa staff member browsing an Elasticsearch analytics dashboard displaying logs and analytics from various Predator system components assigned to a specific customer with codename EAGLE_2. The dashboard included logs from both on-premises backend systems and online systems on the public internet, containing both live and historical data.

The logging dashboard revealed live Predator infection attempts against real targets. Detailed information from at least one infection attempt against a target in Kazakhstan showed the infection URL, target's IP address, and software versions of the target's phone, though the attempt apparently failed.

Data visible in the log dashboard indicated that logs from other internal Predator backend system components were also accessible, including those storing targeting information and collected surveillance data.

Access to Customer Dashboard and Surveillance Data

During the training, the instructor switched windows on the remote Ubuntu desktop, revealing other open applications including a Chrome browser window displaying a login prompt for a system hosted at https://pds[.]my[.]admin:8884. The username "cyop" was prefilled, indicating the remote computer used by Intellexa staff had previously logged into the PDS system.

Amnesty International concluded the login prompt shown in the training video provides access to a customer's Predator dashboard—the main control panel used by customers to conduct surveillance operations including adding targets, creating new infection links, and viewing surveillance data collected from victims.

The customer targeting dashboard is referred to in internal Intellexa documentation by various names, including Predator Delivery Studio, Helios Delivery Studio, and the Cyber Operations Platform. Both abbreviations, PDS and CyOP, appear in the URL and username field from the training video.

The remote desktop system used by Intellexa support staff could connect to the Predator dashboard, raising alarming questions about compartmentalization of live surveillance data and targeting from the company and its staff. The video suggests Intellexa staff retained privileged network access to the most sensitive parts of the Predator system, including storage containing photos, messages, and all surveillance data gathered from victims.

New Predator Attack in Pakistan

Ongoing forensic investigations, independent of the leaks, found new evidence that Predator spyware is being actively used in Pakistan. In summer 2025, a human rights lawyer from Pakistan's Balochistan province received a malicious link over WhatsApp from an unknown number.

Amnesty International's Security Lab attributed the link to a Predator attack attempt based on technical behavior of the infection server and specific characteristics of the one-time infection link consistent with previously observed Predator 1-click links. This represents the first reported evidence of Predator spyware being used in Pakistan.

The targeting comes amid severe restrictions on rights of human rights activists in Balochistan province, including increasingly common province-wide internet shutdowns.

Advertising-Based Zero-Click Infections

The leaked materials provide fresh insights into Predator infection vectors, including a new strategic vector called "Aladdin" that exploits the commercial mobile advertising ecosystem to enable silent zero-click infection of target devices anywhere in the world.

The Aladdin system infects target phones by forcing malicious advertisements created by attackers to be shown on target devices. Internal company materials explain that simply viewing the advertisement triggers infection without any need to click, using the target's public IP address as the unique target identifier.

Based on analysis of Predator network infrastructure, Amnesty International believes the Aladdin vector was supported in active Predator deployments in 2024.

Since 2023, Google has delivered government-backed attack warnings to several hundred accounts across Pakistan, Kazakhstan, Angola, Egypt, Uzbekistan, Saudi Arabia, and Tajikistan associated with Intellexa customers.
