Predator Spyware: The Tale of Ahmed Eltantawy

Estimated read time 2 min read

Don’t you think your phone is your personal sanctuary? A place where your secrets and plans are safe? Citizen Lab’s recent findings1 beg to differ. Find out more.

Their in-depth investigation reveals how Ahmed Eltantawy, a former Egyptian MP and a presidential hopeful, was systematically targeted by Predator spyware2.

But this is more than a tale of advanced malware; it’s a glaring example of how technology can be weaponized to undermine democratic processes and human rights.

Predator Spyware Link - Screenshot from Citizenlab report
Predator Spyware Link – Screenshot from Citizenlab report

Key Findings Summarized

Before we go on, let’s recap some crucial points from the Citizen Lab report:

TargetAhmed Eltantawy, Former Egyptian MP
Spyware UsedCytrox’s Predator
Human Rights ViolatedFreedom of Expression, Assembly, and Privacy
Involved CompaniesCytrox, Sandvine
Notable Previous IncidentsPredator spyware used against other high-profile targets globally
Recommended ActionUpdate Apple Devices, Enable Lockdown Mode
Key Findings Summarized

The Dark Reality Behind Spyware Sales

According to Citizen Lab’s report, the use of mercenary spyware against Ahmed Eltantawy was an egregious violation of multiple human rights, including freedom of expression, assembly, and privacy.

Notably, this flies in the face of the justifications that spyware firms, like Cytrox, offer for their technology sales.

Egypt’s current president, Abdel Fattah el-Sisi, has been frequently criticized for his autocratic rule. The human rights abuses under his regime have been well-documented, yet companies like Cytrox seemingly turned a blind eye, failing to exercise due diligence to prevent these abuses.

The Spying Ecosystem: An Insight

Citizen Lab’s report is a grim reminder of the vulnerabilities that exist in our telecommunications ecosystem.

Despite advancements in HTTPS adoption, a single visit to a non-HTTPS website can open doors for spyware to infect your device. In Eltantawy’s case, a Sandvine PacketLogic device was used for network injection to redirect and exploit his internet request.

A Call to the Canadian Government

Interestingly, the report also emphasizes that Canadian companies have often been implicated in exporting technologies used to violate international human rights law. Citizen Lab calls upon the Canadian government to take significant steps. These include law enforcement and meaningful sanctions to prevent the export of technologies likely to be used for human rights abuses.

Immediate Steps for Users

Are you worried about your device’s security? Citizen Lab recommends immediate updates to the latest patched versions for Apple devices. Furthermore, they advise enabling Lockdown Mode, as it has been confirmed to block this particular type of attack.

  1. ↩︎
  2. ↩︎
Reza Rafati

Reza Rafati, based in the Netherlands, is the founder of An industry professional providing insightful commentary on infosec, cybercrime, cyberwar, and threat intelligence, Reza dedicates his work to bolster digital defenses and promote cyber awareness.

You May Also Like

More From Author

+ There are no comments

Add yours