(MENAFN- The Arabian Post)

A sanctioned spyware vendor's capability to view government surveillance feeds through its own platform has intensified global scrutiny over the boundaries of state monitoring and private-sector intrusion. Researchers examining Intellexa's Predator spyware found that the firm had the technical capacity to access data streams from government clients in real time, raising alarm among security experts and rights groups about the scale of oversight failures.

The findings emerged from a technical analysis of Predator's architecture, highlighting how the tool's command-and-control system allowed operators to retrieve messages, calls, keystrokes and device sensor data from targeted phones almost instantaneously. According to researchers, the investigative trail pointed to the company having visibility over these operations, although authorities have not publicly confirmed which governments were involved. The revelations underscore long-standing concerns about commercial surveillance firms retaining visibility into state-level espionage, a situation analysts describe as a systemic vulnerability rather than an isolated lapse.

Intellexa, founded by former Israeli intelligence officer Tal Dilian, has been the subject of international sanctions over its involvement in producing and selling offensive cyber capabilities linked to unlawful targeting of journalists, activists and opposition figures. Predator, the company's flagship product, exploits device vulnerabilities to infiltrate smartphones, often through zero-click or one-click attacks. Security specialists who reviewed the data emphasised that the spyware's deployment pathway has included hijacked advertisements and unknown zero-day vulnerabilities, enabling operators to compromise both Android and iOS devices without users detecting unusual behaviour.

Investigators reported that Predator's infrastructure was configured in a way that allowed Intellexa's systems to observe operational data from government-run surveillance campaigns. This access, according to technical experts familiar with the matter, could include live monitoring of compromised devices as well as contextual information about targets. Researchers said the setup contradicted claims by many commercial spyware vendors that they merely sell tools and do not participate in their customers' activities. Privacy analysts argue that the ability to view such feeds crosses a critical threshold, blurring the line between supplier and operator and heightening risks of misuse across multiple jurisdictions.

See also Musk Unveils X Chat with Bitcoin-Style Encryption

The company has faced mounting pressure across Europe and the United States as authorities examine the spread of Predator within political and media circles. Investigations in Greece and Cyprus have scrutinised the role of companies linked to Intellexa in phone surveillance scandals involving journalists and political figures. Although formal charges in several jurisdictions remain pending, the growing body of technical evidence has supported claims that the surveillance infrastructure surrounding Predator extended far beyond isolated misuse.

Security researchers described the findings as shedding new light on how commercially developed spyware operates at an architectural level. They noted that government buyers often assume exclusive control over surveillance missions once a product is purchased, but the technical design uncovered suggests the vendor maintained a privileged position within the operational chain. Former intelligence officials interviewed for analysis explained that such an arrangement would be highly unusual in traditional government-grade systems, where access is typically segregated to prevent vendor intrusion and ensure accountability.

Predator's ability to compromise high-value targets has been documented over several years, with confirmed cases involving reporters, human rights advocates and political advisers. Digital forensics teams said the spyware's persistence mechanisms allow long-term monitoring, sometimes lasting months, without triggering detectable anomalies. The latest research indicates that this sensitive information could have been visible to the spyware's developers, intensifying concerns about espionage vulnerabilities and commercial exploitation of intelligence data.

Privacy experts expressed alarm that such surveillance capabilities could proliferate further as more firms enter the offensive cyber market. They warned that the combination of sophisticated zero-day exploits and opaque vendor relationships reduces oversight and creates opportunities for abuse. Civil society groups have argued that the situation uncovered illustrates structural weaknesses in global surveillance regulation, where export controls, sanctions and legal safeguards often lag behind technological advancements.

See also AI Powers Field Service Transformation in 2025

Governments across the European Union and the United States have been reviewing their frameworks on spyware procurement following disclosures about Predator and other tools such as Pegasus. Technical specialists advising policymakers have stressed that reforms must focus on transparency, vendor accountability and strict auditing of surveillance operations to prevent private companies from accessing state intelligence streams. Lawmakers who have followed the investigations said the Intellexa case underlines the need for clearer international norms and enforceable restrictions on offensive cyber technologies.

Notice an issue? Arabian Post strives to deliver the most accurate and reliable information to its readers. If you believe you have identified an error or inconsistency in this article, please don't hesitate to contact our editorial team at editor[at]thearabianpost[dot]com. We are committed to promptly addressing any concerns and ensuring the highest level of journalistic integrity.

MENAFN05122025000152002308ID1110441205