Intellexa’s Predator spyware used to hack iPhone of journalist in Angola, research says

A prominent Angolan journalist has fallen victim to a sophisticated phone-hacking operation using Intellexa’s notorious Predator spyware, marking yet another alarming case of commercial surveillance tools being weaponized against civil society figures worldwide.

According to a new report from Amnesty International published Tuesday, local journalist and press freedom activist Teixeira Cândido was targeted with a series of malicious links sent via WhatsApp during 2024. The attacks, which originated from government customers of Intellexa, ultimately succeeded when Cândido clicked on one of the phishing messages, compromising his iPhone.

The revelation adds Angola to the growing list of countries where Predator spyware has been deployed against journalists, activists, and political figures. Previous investigations have uncovered similar abuse in Egypt, Greece, and Vietnam, where researchers found evidence of the software being used to target U.S. officials through links sent on X (formerly Twitter).

Amnesty’s forensic analysis revealed that the hackers employed sophisticated techniques to maintain stealth. The Predator spyware impersonated legitimate iOS system processes to avoid detection, demonstrating the advanced capabilities of commercial surveillance tools. Even more concerning, the researchers discovered multiple domains linked to Intellexa’s infrastructure operating within Angola as early as March 2023, suggesting systematic deployment rather than isolated incidents.

The case highlights the persistent threat posed by companies like Intellexa, which operates through an “opaque web of corporate entities” to circumvent export controls and international sanctions. Despite facing restrictions from the U.S. government, including sanctions against founder Tal Dilian and business partner Sara Aleksandra Fayssal Hamou, the company has continued its operations.

What makes this case particularly troubling is the evidence suggesting that Intellexa employees may have had direct access to customers’ surveillance operations. Leaked internal documents revealed last year showed the company possessed capabilities to remotely access government systems, potentially giving them visibility into surveillance targets and operations.

The targeting of journalists like Cândido represents a dangerous escalation in the use of commercial spyware. Press freedom advocates warn that such surveillance not only threatens individual privacy but undermines democratic institutions by creating a chilling effect on investigative journalism and free speech.

Amnesty’s investigation also revealed a disturbing technical detail: despite Cândido’s iPhone running an outdated version of iOS at the time of the attack, the specific exploit used to compromise his device remains unclear. The spyware was eventually wiped when Cândido rebooted his phone several hours after the initial infection.

The Angolan case exemplifies a broader pattern of abuse documented by researchers worldwide. For every confirmed incident, experts believe many more go undetected, hidden behind layers of technical sophistication and corporate obfuscation. The commercial surveillance industry continues to thrive despite growing international condemnation, with companies adapting their operations to evade legal restrictions while maintaining their ability to conduct intrusive surveillance.

As governments increasingly turn to private companies for surveillance capabilities, the line between legitimate national security operations and the targeting of civil society becomes dangerously blurred. The case of Teixeira Cândido serves as a stark reminder that in the digital age, the tools of surveillance are more accessible than ever, and the consequences for press freedom and human rights are profound.

Spyware scandal rocks Angola
Journalist hacked with Predator spyware
Intellexa under fire again
Government surveillance gone rogue
Amnesty exposes digital spying
iPhone hacked through WhatsApp
Commercial spyware abuse continues
Press freedom under attack
Digital rights violation
Government hacking exposed
Angolan journalist targeted
Predator spyware strikes again
Amnesty International investigation
Tech surveillance controversy
Civil society surveillance
Digital privacy at risk
Government spyware customers
iPhone security breach
WhatsApp phishing attack
Commercial surveillance industry
Intellexa sanctions evasion
Digital human rights abuse
Press freedom threatened
Government hacking tools
Spyware company controversy
Digital surveillance exposed
iPhone hacking methods
Government targeting journalists
Commercial spyware dangers
Digital privacy violation
Press freedom crisis
Government surveillance abuse
Digital rights under threat
iPhone security compromised
WhatsApp security breach
Commercial surveillance risks
Government digital spying
Digital human rights
Press freedom endangered
Government surveillance tools
Spyware industry exposed
Digital privacy concerns
Press freedom under threat
Government digital surveillance
Commercial spyware threats
Digital rights violation
Press freedom at risk
Government spying exposed
Digital privacy at stake
Commercial surveillance dangers
Government targeting activists
Digital human rights crisis
Press freedom compromised,