The phone of Tayshira Candido, the chairman of the Angolan Journalists Union, has been compromised by spyware from Intellax, a cyber-security firm owned by former IDF intelligence chief Tal Dillian. This incident marks a severe escalation in tactics used by authoritarian regimes globally to surveil and silence dissenting voices, particularly journalists. The spyware, identified as Predator, allows the operator complete access to personal data including messages, emails, passwords, and even the ability to listen through the device's microphone and camera without the owner’s knowledge.

Amnesty International's report reveals that Candido began receiving suspicious WhatsApp messages from an unrecognized number in May 2024, with the sender masquerading as a member of a student activist group. After several weeks of interaction, Candido was sent a malicious link that compromised his device. Forensic analysis confirmed that communications were established between the infected device and Intellax's servers, leading to a data exfiltration of 50 megabytes. The spyware was removed following a reboot of the phone, but the attacker persistently attempted to reinfect the device with additional malicious links.

This incident not only underscores the risks faced by journalists in Angola but also implicates broader geopolitical concerns surrounding digital surveillance technologies sold to authoritarian governments with little regulation. The exploitation of such spyware poses serious threats not only to individual privacy but also to press freedom and human rights, as more journalists join the increasing list of those targeted by invasive surveillance methods.