‼️🇮🇱 Smartphones worldwide were silently infected with Israeli malware via malicious ads Simply viewing their ads was enough to get infected. Surveillance company Intellexa gained full access to cameras, microphones, chat apps, emails, GPS locations, photos, files, and browsing
Internal leaked company documents, sales and marketing materials, as well as training videos from the “Intellexa Leaks” investigation provide a never-before-seen glimpse into the internal operations of a mercenary spyware company focused on exploiting vulnerabilities in mobile
In an attempt to hide the spyware operator's identity, all data is relayed through a chain of anonymization servers called the “CNC Anonymization Network.” Since the spyware relies on browser exploits, the operator must trick the victim into opening the malicious link; if the
To avoid detection, Intellexa has designed several “delivery vectors”—different approaches to triggering the opening of an infection link on the target’s phone without requiring the target to manually click it. This enables Intellexa to offer zero-click-like functionality without
One slide shows they’ve been buying or partnering with ISPs to deliver their malicious payloads.
Ongoing research and technical investigations by Amnesty International indicate that advertisement-based infection methods are being actively developed and used by multiple mercenary spyware companies and by certain governments that have built similar ADINT infection systems.
Despite Intellexa being sanctioned by the US, they're still operating.
Read the full Amnesty report:
