The U.S. government put Intellexa and Cytrox, two European spyware makers, on an economic denylist on Tuesday.
The addition of the two companies, based in Greece and Hungary, as well as two related entities in Ireland and North Macedonia, is part of a wider effort from the Biden administration against makers of malware that is sold exclusively to law enforcement and intelligence agencies.
The U.S. Commerce Department accused the two companies of “trafficking in cyber exploits used to gain access to information systems, thereby threatening the privacy and security of individuals and organizations worldwide,” and considered that their activities threaten U.S. national security.
In practice, Intellexa, maker of spyware called Predator, and Cytrox are now on what is called the Entity List, which means that the Commerce Department’s Bureau of Industry and Security (BIS) will now review any application to export goods or services from the U.S. to these companies, “under a presumption of denial,” meaning they will likely be denied.
Intellexa did not immediately respond to a request for comment. Cytrox could not be reached for comment.
In 2021, Meta and the digital rights watchdog Citizen Lab accused Cytrox customers of using the company’s spyware to hack politicians and journalists. Last year, Greek police raided the office of Intellexa following a wide-ranging scandal involving the spyware maker and the Greek government, which allegedly used the technology to spy on a politician and a journalist.
In 2021, the Commerce Department put NSO Group, perhaps the most well-known seller of government spyware, and another Israeli spyware maker called Candiru, on the denylist.