Pakistan has become the latest country to be targeted by Predator, one of the world’s most sophisticated commercial spyware tools, according to a forensic investigation published on Thursday by Amnesty International.
The human-rights organisation said its Security Lab had confirmed an attempted infection of a Balochistan-based lawyer’s iPhone in mid-2025 using a single-click exploit linked to Predator, a product developed by the Intellexa Consortium, an Israel-domiciled surveillance technology group.
The case marks the first publicly documented deployment of the spyware in Pakistan.
Amnesty’s findings form part of a wider exposé, “Intellexa Leaks”, produced in collaboration with Greece’s Inside Story, Israel’s Haaretz and the Swiss-based WAV Research Collective. The investigation draws on a cache of internal Intellexa documents, marketing materials and training videos that were leaked to journalists.
Predator is regarded by security researchers as a direct competitor to NSO Group’s better-known Pegasus spyware. Once installed, it grants an operator near-total access to a device, including encrypted messaging applications, microphones, cameras, location data and stored credentials. Intellexa’s marketing literature emphasises “zero-click” capabilities and the use of a proprietary anonymisation network to shield customers from attribution.
Although the report stops short of directly attributing the attempted infection to a Pakistani state agency, Amnesty noted that Predator is sold exclusively to government entities and that the command-and-control infrastructure observed in the attack was routed through servers located inside Pakistan.
Intellexa, which has faced regulatory scrutiny in Europe and was sanctioned by the U.S. Commerce Department in 2023 for activities “contrary to the national security or foreign policy interests of the United States”, declined to comment when approached by Amnesty researchers.
Google’s Threat Analysis Group separately confirmed that it had issued government-backed attacker warnings to a number of users in Pakistan whose accounts had been targeted by Predator in recent months.
The disclosure is likely to prove politically sensitive in Islamabad, where the acquisition of Israeli-origin surveillance technology by state institutions has long been a taboo subject given the absence of diplomatic relations between the two countries. Successive Pakistani governments have officially maintained a policy of non-engagement with Israel.
Rights groups have repeatedly accused Pakistani intelligence agencies of using commercial spyware to monitor journalists, opposition politicians and human-rights defenders, particularly in Balochistan and Khyber Pakhtunkhwa. Previous investigations by Citizen Lab at the University of Toronto documented the use of NSO Group’s Pegasus in the country as far back as 2021.
Neither Pakistan’s interior ministry nor the Inter-Services Public Relations, the military’s media wing, responded to requests for comment.
