Investigation Finds Israeli Surveillance Tool Used Against Targets in Pakistan
By The Media Line Staff
Pakistani targets were found to be under surveillance using Predator, a spyware system built by the Israeli company Intellexa, according to an Amnesty International investigation released Thursday. The revelation emerged after a human rights lawyer in Balochistan sought help from the group last summer, reporting a suspicious WhatsApp link that later proved to be an attempted Predator infection.
Amnesty’s Security Lab examined the link and said it matched a pattern long associated with Predator’s one-time “1-click” attack method. Analysts traced the behavior of the server behind the message and found it consistent with previously documented Predator deployments. This is the first case Amnesty has publicly identified inside Pakistan.
The findings form part of “Intellexa Leaks,” a months-long review of internal company records, marketing files, training videos, and other confidential material that surfaced from inside the surveillance firm. The project was carried out with media partners in Greece, Israel, and Switzerland. When Amnesty submitted detailed questions about Intellexa’s operations and ownership, the company “declined to answer the questions.”
Investigators describe Predator as a powerful intrusion tool sold to governments, capable of infiltrating a device through a link that triggers an exploit in browsers such as Chrome or Safari. Once active, the spyware gathers the full contents of encrypted messaging apps, email accounts, stored files and photos, location data, passwords, and call records, while also enabling microphone access. The data is then passed through a chain of anonymization servers before reaching a command system located in the client country.
The inquiry reports that Intellexa has developed additional techniques to initiate infections without requiring the target to open a link directly. These include alternate triggers that force the device to load the malicious code, as well as a separate infection vector known as Aladdin, which can operate through commercial mobile advertising channels and attempt zero-click compromise.
Google, conducting its own threat analysis, has issued warnings to hundreds of users worldwide, including in Pakistan, after detecting accounts associated with Predator-related activity.
Amnesty notes that Greek authorities fined Intellexa in 2023 for failing to cooperate with their inquiries, adding that much of the company’s internal structure remains opaque even after the latest disclosures.
Brought to you by www.srnnews.com
