Surveillance firm’s leaked docs show the purchase of an $8M iOS RCE zero-day exploit

Pierluigi Paganini August 28, 2022

Leaked documents show the surveillance firm Intellexa offering exploits for iOS and Android devices for $8 Million.

Intellexa is an Israeli surveillance firm founded by Israeli entrepreneur Tal Dilian, it offers surveillance and hacking solution to law enforcement and intelligence agencies.

The Vx-undergroud researchers shared some images of several confidential documents that appear to be the commercial offer of Intellect.

Leaked documents details the purchase of an iOS Remote Code Execution zero-day exploit for $8,000,000.

The leaked documentation demonstrates that the company offers services for remote data extraction from Android and iOS devices. The offer includes remote, one-click browser-based exploits that allow threat actors to compromise both Android and iOS mobile devices. Threat actors could use these exploits by tricking targets into clicking on a link.

The company offers 10 concurrent infections for iOS and Android devices, along with a “magazine of 100 successful infections”.

exploit surveillance firm 2

The exploits should work against the Android 12 update and iOS 15.4.1, this information is important because Apple released iOS 15.4.1 in March, which means that the offer is recent. At this time it is not possible to determine if the vulnerabilities in the offered exploits have been addressed by Apple.

One of the documents of the surveillance firm provides a list of Android devices that could be targeted with the one-click exploit.

exploit surveillance firm

The documents shared by Vx-undergroud demonstrate that the surveillance industry continues to grow and that the profits could be enormous.

In June, researchers from Google’s Threat Analysis Group (TAG) revealed that the Italian surveillance firm RCS Labs was helped by some Internet service providers (ISPs) in Italy and Kazakhstan to infect Android and iOS users with their spyware.

Many other surveillance companies made the headlines in the last months, including NSO group, Candiru, and DSIRF.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, surveillance)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment