Intellexa Executive Delisting After US Lifts Predator Sanctions

The US Treasury has removed three individuals linked to the Intellexa consortium and its “Predator” commercial surveillance tooling from the Office of Foreign Assets Control (OFAC) Specially Designated Nationals (SDN) list, lifting the restrictions that previously barred them from doing business with US persons and entities. The delistings were published in late December 2025 and were reported this week by multiple outlets covering the commercial spyware market.

Intellexa executive delisting: what changed

The three individuals are Sara Hamou, Andrea Gambazzi and Merom Harpaz. US authorities had previously accused them of roles tied to the management, ownership, or distribution of Predator-related businesses within Intellexa’s wider network. According to reporting by Reuters, the Treasury said the removals followed petitions for reconsideration and that each person demonstrated steps to separate themselves from the Intellexa consortium.

Intellexa has been described by the US Treasury as an international web of decentralised companies that built and commercialised highly invasive spyware products. In a March 2024 action, Treasury said the consortium posed a significant national security risk, and noted ties to entities associated with Predator development and commercialisation. (That earlier Treasury action is summarised in a 2024 press release.)

Why Intellexa executive delisting matters

While the Intellexa executive delisting affects only three names, it matters because OFAC listings are a primary tool the US uses to curb the spread of commercial surveillance technology. Predator is generally classed among “mercenary spyware” tools that can take over a target device and enable tracking, data access and other covert monitoring activities. The underlying concern from policymakers is not only privacy harm, but also the risk of these platforms being used for counterintelligence purposes, or against journalists, dissidents and political opponents.

It is also a reminder that sanctions regimes can be fluid and process-driven. Delisting does not automatically imply that the broader ecosystem is “cleared”, and other Intellexa-linked individuals and entities remain under US restrictions. The Register characterised the move as part of a broader shift in posture towards commercial spyware procurement and deployment within the US government itself, pointing to recent controversy around surveillance contracting and enforcement use cases (coverage here).

For engineers and security teams, the practical takeaway is unchanged: commercial spyware remains a live threat class, and the supply chain behind it is international, well-funded and adaptive. For more on the wider embedded and enterprise security context, see eeNews Europe’s cybersecurity coverage.