A US and Greek national who worked in Meta’s security and trust team while based in Greece was wiretapped for a year by Greece’s national intelligence service and hacked with a powerful cyberespionage tool , according to documents obtained by the New York Times and knowledgeable officials. of the case.
This is the first known case of a US citizen being targeted in a European Union country by advanced surveillance technology, the use of which has been the subject of a growing scandal in Greece. This demonstrates that the illicit use of spyware extends beyond use by authoritarian governments against opposition figures and journalists, and has begun to infiltrate European democracies, even trapping a foreign national working for a large global company.
The simultaneous tapping of the target’s phone by the national intelligence service and the manner in which it was hacked indicate that the spy services and whoever planted the spyware, known as Predator, were working hand in hand. the hand.
The latest case comes ahead of elections in Greece, which has been rocked since last year by a growing phone tapping and illegal spyware scandal, raising accusations that the government abused the powers of its intelligence agency. espionage for illicit purposes.
The Predator spyware that infected the device is marketed by a company based in Athens and was exported from Greece with the blessing of the government, in possible violation of European Union laws which consider these products to be potential weapons, The New York Times discovered in December.
The Greek government has denied using Predator and legislated against the use of spyware, which she described as “illegal”.
“Greek authorities and security services have at no time acquired or used Predator surveillance software. To suggest otherwise is wrong,” Giannis Oikonomou, the government spokesperson, said in an email. “The alleged use of this software by non-governmental parties is the subject of an ongoing legal investigation.”
“Greece was one of the first countries in Europe to pass legislation banning the sale, use and possession of malware in December 2022, which carries the most severe legal consequences and penalties. strict for natural and legal persons involved in such an offense”, Mr. Oikonomou. continued. “The same legislation includes provisions on the restructuring of the National Intelligence Service, additional guarantees for legal supervision and the modernization of communications confidentiality procedures.”
European Union lawmakers launched their own investigation.
Greek Prime Minister Kyriakos Mitsotakis has come under pressure to explain how and why Predator was sold from Greece and used in Greece, allegedly without the government’s knowledge, against members of his own government, politicians from opposition and journalists.
He insisted that the Greek government had nothing to do with the cybersurveillance tool, but that opaque actors may have used it behind the authorities’ backs.
The latest case involves Harvard and Stanford graduate Artemis Seaford, who worked from 2020 to the end of 2022 as head of trust and safety at Meta, Facebook’s parent company, while living partly in Greece.
In her role at Meta, Ms. Seaford worked on policy issues related to cybersecurity and she also maintained working relationships with Greek and other European officials.
After seeing her name on a list of spyware targets leaked to Greek media last November, she took her phone to the University of Toronto’s Citizen Lab, one of the world’s leading forensic experts on spyware.
The lab’s report, reviewed by The New York Times, found that Ms. Seaford’s cell phone was hacked with Predator spyware in September 2021 for at least two months.
“This does not exclude the possibility of further infections, or of a period of infection extending beyond 11/16/2021,” the Citizen Lab forensic report states.
Ms Seaford filed a complaint in Athens on Friday against anyone found responsible for the hack. The suit requires prosecutors to open an investigation.
Ms Seaford also filed a request with the Greek Telecommunications Privacy Authority, an independent constitutional watchdog, asking them to determine whether Greece’s national intelligence service, known as EYP, had tapped his phone.
Two people with direct knowledge of the matter said Ms Seaford was in fact wiretapped by Greek spy services starting in August 2021, the month before the spyware hack, and for several months until ‘in 2022.
They spoke on condition of anonymity because it is illegal for them to comment publicly on EYP operations.
It could be at least three years before Ms Seaford is informed of spy agency wiretapping under Greek laws which the government has changed twice since a series of wiretapping cases came to light.
Ms Seaford is now the fourth known person to file suit in Greece over the spyware, after an investigative journalist and two opposition politicians.
In the first case, an investigative journalist, Thanasis Koukakis, also asked the constitutional monitoring authority in 2020 to inform him whether he had also been wiretapped.
Before Mr. Koukakis could get a formal response, the government quickly passed a law in 2021 that drastically restricts citizens’ right to be informed if they have been monitored by the national intelligence service. Mr Koukakis took the Greek government to the European Court of Human Rights over the law change.
The Greek government has since come under pressure to restore certain remedies allowing citizens to learn about wiretapping and seek redress if their surveillance had been abusive.
Under a law passed last year, a citizen targeted by the spy agency can now be informed — but only if they request it, and subject to approval by a commission, and at most early three years after the end of wiretapping.
It is under these new conditions that the surveillance of Ms Seaford by the Greek national intelligence service could one day be officially confirmed.
“Targets of abusive surveillance should have the right to know what happened to them and have avenues for redress, just like any other crime,” Ms. Seaford said in an interview.
She maintains there is no reasonable explanation for why she was targeted. Wiretapping in Greece is only permitted for reasons of national security or as part of serious criminal investigations.
More than a year after her surveillance by Greek intelligence services and the illegal infection of her mobile device with spyware, no charges have been brought against her and she has not been asked to cooperate with authorities as part of any investigation.
“In my case, I don’t know why I was targeted, but I don’t see any reasonable national security concerns behind it,” Ms Seaford said. Meta and the U.S. Embassy in Athens declined to comment.
The targeting of Ms Seaford by the Greek intelligence agency and elements of her case have already been reported by the Greek newspaper Documento.
In Ms. Seaford’s case, it appears that information gleaned from the wiretap may have contributed to the ruse used to plant the spyware, according to the timeline established by forensic analysis and submitted to the Greek prosecutor.
In September 2021, Ms Seaford made an appointment for a booster shot of the Covid-19 vaccine via the Greek government’s official vaccination platform.
She received an automated text message with her appointment details on September 17, just after midnight. Five hours later, at 5:31 a.m., according to the documents, she received another text message asking her to confirm the appointment by clicking on a link.
It was the infected link that put Predator in his phone. The vaccination appointment details in the infected text message were correct, indicating that someone had reviewed the earlier genuine confirmation and redacted the infected message accordingly.
The sender also appeared to be the national vaccine agency, while the infected URL mimicked that of the vaccination platform.
Ms Seaford, who is reluctant to get drawn into Greek party politics, where the surveillance scandal has become a hotly debated topic, said the issue of spyware and surveillance abuses should be an issue non-partisan.
“I hope that my case and others like mine will not simply be exploited, closed to avoid political costs for some, or, conversely, elevated for the political benefit of others,” she said .