- December 8, 2025
- 7:34 pm
- World News
An investigation involving journalists and human rights activists has brought to light the activities of the Intellexa group β a structure long featured in publications about digital espionage. Documents that have entered the public domain confirmed: the Predator tools and the new Aladdin system not only exist but are used to track people in different countries, without restrictions and without control.
Sources call this a “fine line,” but the leak shows β there is no line.
How Intellexa works and why it goes beyond ordinary software
The Intellexa Leaks project, compiled by Inside Story, Haaretz, and WAV with the support of Amnesty International, was the first attempt to show that the company operates far more actively than just selling programs.
The enterprise, created by a former Israeli intelligence officer, is already known for its Predator. But new data raised broader questions: how deeply the firm is involved in the exploitation of its own products.
Jurre van Bergen from Amnesty’s security lab openly states: Intellexa employees had remote access to client data. That is, they could view operation logs, see who is being tracked, at what moment an attack is conducted, and how the infection mechanism works.
If the supplier of a spy tool is involved in the process β responsibility ceases to be abstract. Both lawyers and human rights activists are considering the option where the company becomes an accomplice in human rights violations.
Who was targeted: the geography begins to take shape
The leak confirmed cases that were previously only spoken of in fragments.
In 2021, Predator was used against Greek journalist Thanasis Koukakis. This was one of the first documented attacks.
But in 2025, the story repeated β this time in Pakistan. A human rights lawyer from Balochistan became a target through ordinary WhatsApp. Experts note: such a vector of infection shows that Predator remains an active and in-demand tool for persecuting journalists and activists.
Control over personal data turns into a weapon, and this is no longer a metaphor.
Aladdin: hidden attack through advertising
Among the leaked materials are training videos and marketing documents for Aladdin β Intellexa’s new product.
This program does not require downloading files, does not require links. Infection occurs through advertising banners. The user simply opens a site where malicious advertising is displayed β and the infection starts automatically.
This model makes protection almost impossible: any audience becomes vulnerable, from ordinary citizens to political activists.
Amnesty is already preparing additional reports on the technical side of the attacks, and it is expected that new publications will be more serious than those released earlier.
Against the backdrop of Intellexa β new threats
Simultaneously, experts have noticed a rise in malicious programs not directly related to Intellexa but operating in the same direction: hacking, interception, covert operations.
One example is the Sturnus trojan for Android. It can read correspondence, steal bank passwords, and replace login screens. Such tools become part of a large ecosystem of threats, where state structures and private companies use everything β from messengers to banking applications.
What Intellexa means for global security
The Intellexa story shows how easily digital surveillance turns into an industry. And how difficult it is for the international community to respond when states and their partners are behind the use of such programs.
The consequences of this leak are not yet clear, but it is already evident: in the new realities, control over technologies becomes a matter of human rights. And a matter of political responsibility for companies that create such tools.
The editorial team of NAnews β News of Israel | Nikk.Agency is following the development of the story.
