NEW YORK – An American woman with dual Greek nationality working for Facebook’s parent company Meta while in Greece had her phone tapped by the National Intelligence Service EYP and infected with Predator spyware, the New York Times reported.
Artemis Seaford worked from 2020-22 as a Trust and Safety Manager for Meta while partly living in Greece, the report said, adding the simultaneous bugging of her phone and the way she was hacked “indicate that the spy service and whomever implanted the spyware … were working hand in hand.”
The New Democracy government of Prime Minister Kyriakos Mitsotakis, who has been trying to fend off a surveillance scandal that broke with news that 15,475 people had their phones monitored by EYP, has denied using Predator.
Government spokesman Giannis Oikonomou told the paper in an email that, “The Greek authorities and security services have at no time acquired or used the Predator surveillance software. To suggest otherwise is wrong.”
The government has said that someone else is using Predator – which had for a time been licensed in Greece and exported to other countries to spy on people – and Oikonomou added that, “The alleged use of this software by nongovernmental parties is under ongoing judicial investigation.”
He also noted that Greece was among the first countries in Europe to ban the sale, use or possession of spyware after the scandal put pressure on the government, which is ratcheting up again with elections coming.
“The same legislation includes provisions on restructuring of the National Intelligence Service, additional safeguards for legal surveillance and modernizing procedures on confidentiality of communications,” said Oikonomou.
But the Times said there are connections between the phone bugging and spyware infection that point toward it being done by EYP.
“It appears that information gleaned from the wiretap may have assisted the ruse used to implant the spyware,” the report said, adding that was based on a timeline established by the Citizen Lab at the University of Toronto, the world’s foremost forensics experts on spyware, submitted to a Greek prosecutor.
The lab report was reviewed by the newspaper which said the analysis found her mobile phone had been hacked with Predator in September 2021 for at least two months – before the surveillance scandal broke out and before Mitsotakis said he knew how widespread bugging was.
The paper said that two sources it didn’t identify, with direct knowledge of the case, said her phone was tapped by EYP from August, 2021 – the month before the spyware was installed – and for several months into 2022.
Seaford said she took her phone to the lab after she saw her name on a leaked list of spyware targets in the Greek news media in November, 2022, the government saying no names could be revealed, but that all the targets were being scrutinized for “national security” reasons.
IN THE NATIONAL INTEREST
“In my case, I do not know why I was targeted, but I cannot see any reasonable national security concerns behind it,” she said, and no charges have been brought against her nor has she been asked to cooperate in any investigation.
She filed a suit in Athens trying to find out who was behind the bugging and hacking, which requires prosecutors to open an investigation. But a change in Greek law brought when the surveillance scandal broke means she would have to wait three years to find out why she was bugged.
“Targets of abusive surveillance should have the right to know what happened to them and have means of redress just like every other crime,” she told the paper in an interview.
In September 2021, Seaford booked an appointment for a booster shot of the COVID-19 vaccine through the official Greek government vaccination platform and received an automated SMS with details, the report said.
Five hours later she got another text, documents showed, asking her to confirm the appointment by clicking on a link, the tactic used by Predator to infect a phone.
That put her phone and its data – including conversations, texts, videos, messages and personal information – in the hands of whomever had hacked into it.
“The details for the vaccination appointment in the infected text message were correct, indicating that someone had reviewed the authentic earlier confirmation and drafted the infected message accordingly,” the paper said.
It added that the sender also appeared to be the state vaccine agency, while the infected URL mimicked that of the vaccination platform.
“My hope is that my case and others like mine will not just be instrumentalized, shut down to avoid political cost for some, or, conversely, elevated for the political gain of others,” she said.
In her role at Meta, Seaford worked on policy questions relating to cybersecurity and she also maintained working relations with Greek as well as other European officials, the paper said.
But the report also noted the disclosure is “the first known case of an American citizen being targeted in a European Union country by the advanced snooping technology,” which could add to pressure on Mitsotakis ahead of elections.
It added that her case “demonstrates that the illicit use of spyware is spreading beyond use by authoritarian governments against opposition figures and journalists, and has begun to creep into European democracies, even ensnaring a foreign national working for a major global corporation.”