A U.S. and Greek national, Artemis Seaford, who worked for Meta’s trust and safety team while headquartered in Greece, was subjected to a year-long wiretap by the Greek national intelligence service and compromised using a strong cyber espionage tool.
It shows that the illegal use of spyware is expanding beyond authoritarian governments’ use against journalists and opposition figures. It has started infiltrating European democracies, even ensnaring a foreign national working for a significant international firm.
A Dual U.S.-Greek National Was Targeted With a Cyberespionage Tool
Although the exact cause of her compromise is unknown, it is clear that her phone had been infected with the “Predator” spyware; she might be the first American to have had such technology used to spy on her in Europe, says the report.
Documents reveal that after scheduling a Covid vaccination appointment, the state immediately sent her a confirmation SMS. Five hours later, however, she received another SMS requesting her to confirm the appointment by clicking on a link. Predator was downloaded onto her phone via this malicious link.
Notably, Predator spyware is produced by Cytrox, a mysterious cybersecurity company headquartered in Skopje, Macedonia. It was one of several firms offering surveillance-for-hire services that Meta suspended from its platforms in 2021 after learning they were spying on as many as 50,000 Meta members.
The Greek government has denied using Predator and passed legislation prohibiting spyware use, which it has called “illegal.”
“The Greek authorities and security services have at no time acquired or used the Predator surveillance software. To suggest otherwise is wrong,” according to Giannis Oikonomou, the government spokesman.
“The alleged use of this software by nongovernmental parties is under ongoing judicial investigation.”
Reports say Seaford claimed that after reading her name on a list of potential spyware targets, she became concerned. Later, she brought her phone to Citizen Lab at the University of Toronto’s digital research center, where the flaw was discovered.
According to the lab findings, Ms. Seaford’s smartphone had at least two months of Predator spyware installed in September 2021.
“This does not preclude the possibility of other infections, or of an infection period extending beyond 2021-11-16,” the forensic report by Citizen Lab said.
Ms. Seaford filed a lawsuit in Athens against anyone determined to be the hacker. Prosecutors are required to launch an inquiry into the lawsuit.
Also, Ms. Seaford requested information from the independent constitutional watchdog Greek Authority for the Protection of the Privacy of Telecommunications, on whether the EYP, the country’s national intelligence service, had wiretapped her phone.
According to two people with personal knowledge of the situation, Ms. Seaford was wiretapped by the Greek espionage agency beginning in August 2021—the month before the spyware hack—and continuing for several months into 2022.
“Targets of abusive surveillance should have the right to know what happened to them and have means of redress just like every other crime,” Ms. Seaford said.
“In my case, I do not know why I was targeted, but I cannot see any reasonable national security concerns behind it.”
“My hope is that my case and others like mine will not just be instrumentalized, shut down to avoid political cost for some, or, conversely, elevated for the political gain of others.”
Building Your Malware Defense Strategy – Download Free E-Book