Pakistan rubbished claims published in an Amnesty International report on Thursday that a spyware, manufactured by an Israeli company, was actively being used in the country.<\/p>\n
According to a senior intelligence officer, who spoke to Dawn on condition of anonymity, the report was an \u201can attempt to malign Pakistan\u201d.<\/p>\n
\u201cThere is not an iota of truth in it,\u201d he stressed.<\/p>\n
The official was referring to a claim made in the Amnesty International investigation, titled \u201cIntellexa Leaks\u201d, which described the story of a human rights lawyer based in Pakistan. The lawyer, according to the report, had approached Amnesty International in the summer of 2025 after receiving a suspicious link on WhatsApp from an unknown number.<\/p>\n
Amnesty Security Lab investigated the link and identified it as a Predator attack attempt based on the technical behaviour of the infection server. Predator is a highly invasive spyware manufactured by the Israeli company Intellexa.<\/p>\n
According to Amnesty International, the investigation was based on a combination of highly sensitive documents and other material leaked from the company, including internal company documents, sales and marketing materials, and training videos.<\/p>\n
The months-long investigation was published in collaboration with Inside Story in Greece, Haaretz in Israel, and WAV Research Collective in Switzerland.<\/p>\n
In 2023, Intellexa was fined by the Greek Data Protection Authority for failing to comply with its investigations into the company.<\/p>\n
Google started sending spyware threat notifications to several hundred of its users across various countries, including Pakistan. The accounts were identified as Predator spyware targets.<\/p>\n
How Predator works
\nIntellexa\u2019s Predator relies on \u201c1-click\u201d attacks to infect a device, which require a malicious link to be opened in the target\u2019s phone. The malicious link then loads a browser exploit for Chrome or Safari to gain initial access to the device and download the full spyware payload.<\/p>\n
Once the spyware is installed, it can access encrypted instant messaging apps like Signal and WhatsApp, audio recordings, emails, device locations, screenshots and camera photos, stored passwords, contacts, and call logs. It also activates the device\u2019s microphone.<\/p>\n
The spyware then communicates with, and uploads surveillance data to, a Predator backend server physically located in the customer\u2019s country.<\/p>\n
All data from the spyware is first relayed through a chain of anonymization servers, termed the \u201cCNC Anonymization Network\u201d to prevent the risk of exposure for the operator with the 1-click attack link.<\/p>\n
The surveillance company overcame the limitation of exposure by using different approaches to trigger the opening of an infection link on the target\u2019s phone, without requiring the target to manually click the link.<\/p>\n
Intellexa also developed a strategic infection vector, \u2018Aladdin,\u2019 which could enable silent zero-click infections of target devices anywhere in the world. The vector exploits the commercial mobile advertising ecosystem to carry out these infections.<\/p>\n
Intellexa is a surveillance company that develops spyware, with Predator as its signature product, and sells it for use by governments. According to the investigation, the company\u2019s internal operations remained largely unknown to researchers.<\/p>\n","protected":false},"excerpt":{"rendered":"
Pakistan rubbished claims published in an Amnesty International report on Thursday that a spyware, manufactured by an Israeli company, was actively being used in the country. According to a senior intelligence officer, who spoke to Dawn on condition of anonymity, the report was an \u201can attempt to malign Pakistan\u201d. \u201cThere is not an iota of […]<\/p>\n","protected":false},"author":1,"featured_media":13881,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[],"class_list":["post-13880","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-science-technology"],"_links":{"self":[{"href":"https:\/\/weeklyyoung.pk\/index.php?rest_route=\/wp\/v2\/posts\/13880","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/weeklyyoung.pk\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/weeklyyoung.pk\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/weeklyyoung.pk\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/weeklyyoung.pk\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=13880"}],"version-history":[{"count":1,"href":"https:\/\/weeklyyoung.pk\/index.php?rest_route=\/wp\/v2\/posts\/13880\/revisions"}],"predecessor-version":[{"id":13882,"href":"https:\/\/weeklyyoung.pk\/index.php?rest_route=\/wp\/v2\/posts\/13880\/revisions\/13882"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/weeklyyoung.pk\/index.php?rest_route=\/wp\/v2\/media\/13881"}],"wp:attachment":[{"href":"https:\/\/weeklyyoung.pk\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=13880"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/weeklyyoung.pk\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=13880"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/weeklyyoung.pk\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=13880"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}