- OFAC removed three people tied to the Intellexa Consortium from its sanctions list.
- The individuals were previously linked to the commercial spyware Predator and had been sanctioned in 2024 and 2025.
- Advocates warned the removals could weaken deterrence as investigations continue to show Predator’s use against civil society.
On Dec. 30, 2025, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) removed three individuals tied to the Intellexa Consortium from the specially designated nationals list. The affected people are Merom Harpaz, Andrea Nicola Constantino Hermes Gambazzi, and Sara Aleksandra Fayssal Hamou. OFAC had linked them to the development, operation, and distribution of the spyware known as Predator.
Harpaz was described as a manager at Intellexa S.A.. Gambazzi was identified as owner of Thalestris Limited and Intellexa Limited; Treasury said Thalestris held distribution rights and processed consortium transactions and was the parent to Intellexa S.A.. Hamou was listed earlier as a corporate off-shoring specialist who provided managerial services, including renting office space in Greece. It is not stated whether they still hold those roles.
Predator has been active since at least 2019. The tool is marketed for counterterrorism and law enforcement but investigations have shown wider use against journalists, activists, and politicians. An Amnesty International report recently said a human rights lawyer in Pakistan was targeted via a WhatsApp message.
Recorded Future reported continued Predator use and noted: “Several key trends are shaping the spyware ecosystem, including growing balkanization as companies split along geopolitical lines, with some sanctioned entities seeking renewed legitimacy through acquisitions while others shift toward regions with weaker oversight.” It added: “Furthermore, rising competition and secrecy surrounding high-value exploit technologies are heightening risks of corruption, insider leaks, and attacks on spyware vendors themselves.”
“Any hasty decisions to remove sanctions from individuals involved in attacking U.S. persons and interests risk signaling to bad actors that this behavior may come with little consequences as long as you pay enough [money] for fancy lobbyists,” said Natalia Krapiva, senior tech legal counsel at Access Now.
Definitions:
Commercial spyware: software sold to governments or private buyers to monitor devices and data. Zero-click attack: an exploit that compromises a device without user interaction. Specially designated nationals list: a U.S. Treasury list that blocks property and transactions of targeted individuals and entities.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- Bitcoin Needs $6,000 Inflows to Close Year in the Green Soon
- BitMine scoops $97.6M ETH, now holds 4.07M; staking rises up
- Crypto Bleeds Into 2026; Bitcoin Trails Gold Chance to Rally
- DOJ Opposes DeFi Education Fund Amicus in ETH Retrial, 2026.
- XRP Monthly Golden Cross vs BTC Sparks $24 Target 2026 Early
