Cyber & Advisory

Cybersecurity Services
Security Awareness Training
Residency
Compliance Readiness

(Co)Managed IT

Overview
Help Desk & End User Support
NOC (Server/Network RMM)
MDR/XDR (AI-Assisted SOC)
Remote Deployment and Operations

AI Integration

Overview
Anthropic Claude
Microsoft Copilot
OpenAI ChatGPT
Google Gemini
xAI Grok
Perplexity

Managed AI

Managed Private AI
Managed Agents
Managed AI for Education
Managed AI for State & Local Government
Book a Free AI Strategy Call

Learn / Guides

AI Hub
AI Guide: Education
AI Guide: Healthcare
AI Guide: State & Local Gov
SLED AI Prompting Guide

Cloud & Data

Cloud & Infrastructure
Backup & Disaster Recovery
AI & Automation

Security & Identity

Microsoft 365 Security
Google Workspace Security
Zero Trust Access

Modern Workforce

Virtual Desktops & Apps
Digital Workspaces
Unified Endpoint Management

Public Sector

Federal Government
State & Local Government
Education
Critical Infrastructure

Regulated Sectors

Healthcare
Financial Services
Legal
Private Equity

Industry & Operations

Manufacturing
Logistics
Hospitality

By Business Size

Large Enterprise
SMB Commercial
Startups
All Industries

Cloud & Productivity

Microsoft
Google
AWS

Data Center & Compute

Dell EMC
HPE
Hitachi
Nutanix

Virtualization & Workspace

Omnissa
Red Hat
Login VSI
TURBO.NET

Backup & Secure Files

Commvault
FileCloud
View All Partners

Read

Blog
Case Studies

Intelligence & Guides

Z7 Cyber Intelligence
AI Hub

Company

Why Z7 Solutions
The Z7 Platform
Careers
Contact Us

Federal & Contracts

Contract Vehicles
Capability Statement

Intellexa

Z7-TAF THREAT SCORE
0

CLASSIFICATION

CRITICAL THREAT

15 Zero-Days | Active in 15+ Countries | Defying US Sanctions

The Mercenary Spyware Empire Defying Sanctions

The Intellexa consortium represents the most aggressive commercial spyware operation currently active. Despite US Treasury sanctions, leaked documents confirm the company retained remote access to customer surveillance systems and developed the “Aladdin” attack vector that weaponizes the commercial advertising ecosystem for zero-click infections requiring only that victims view a malicious ad on any website.

December 2025 Developments: The “Intellexa Leaks” exposed internal training videos, sales documentation, and technical specifications. The Trump administration removed sanctions on three executives on December 30, 2025.

Incident Assessments in this report

Z7-TAF Threat Actor Analysis

Full 8-dimension assessment of Intellexa's capabilities and operations

Greece Predatorgate Scandal (2022)

92 targets, PM's nephew resigned, EYP chief resigned - Z7-BAF 8.54

Intellexa Leaks Exposure (Dec 2025)

Internal operations, TeamViewer access, customer codenames exposed - Z7-BAF 7.89

The Aladdin Threat

Intellexa’s most dangerous innovation weaponizes the advertising ecosystem. They obtain a target’s IP address from cooperating mobile carriers, create a malicious ad targeting that specific IP, and serve it through standard ad networks. Simply rendering the advertisement triggers browser exploitation. No click required.

Victims encounter malicious content on trusted news sites, social media platforms, or mobile apps they use daily. This transforms every ad-supported website into a potential infection vector.

What's in the full intelligence report

This page provides an executive-level preview only. Detailed analysis, scoring methodology, and proprietary frameworks are available in the full intelligence report.