In Wired's more than 53.1 million 'visitors' every month, there is a text entitled “Spyware Scandals Cross Europe”.
The columnists explain that "the latest crisis that shook the Greek government shows that the problem surveillance of the European Union surpasses the infamous NSO Group”.
"The writing message that lured Thanasis Koukakis into what is now known as Europe's Watergate was so harmless, he barely remembers receiving it.
The Athens-based financial journalist received the message on his iPhone 12 Pro on 12/7/2021. The sender was a number he did not know. Which was not unusual for him, as he had completed three years investigating the government's changes to financial crime regulations.
Thus, he received many text messages from numbers he had not saved, but also from his acquaintances.
The specific SMS was addressed to him by name. Koukakis read "Thanasis, do you know anything about this subject?" and followed a link. He clicked and read a news story about a Greek bank scandal. He replied tersely 'no' and did not pay any further attention.
He did not know that the link he had 'opened' had disappeared from the Internet a few days later, as well as the site that hosted it. As he did not know that with the click he made, he allowed the installation of the Predator which would henceforth monitor everything he did with his mobile phone.
The smartphone continued to work without problems when, in December, Koukakis read an article about how the mother εταιρεία του Facebook, Meta είχε εντοπίσει spyware που χρησιμοποιούνταν από πελάτες σε 10 διαφορετικές χώρες. Στη λίστα ήταν και η Ελλάδα.
One of the links used to trick people into downloading the spyware was designed to look like a medium he worked on, as an editor."
Somehow fleas got into his ears. “He contacted Meta who put him in touch with researchers at Citizen Lab - a University of Toronto research unit specializing in spyware.
In March 2022, investigators informed the journalist that they were spying on him. Subsequently, Koukakis made this information public and caused an uproar. The investigation of the case by a Greek prosecutor began.
This was just the beginning.
On July 26, another person revealed that he had also received a 'spyware-infected' link: he was Nikos Androulakis, leader of PASOK, the third largest political party in Greece.
It hadn't clicked. However, the fact that someone had tried to hack the phone of an active leader of the opposition, led the Greek government to a crisis.
Two officials have resigned so far and pressure is mounting on the prime minister, Kyriakos Mitsotakis, to explain who is behind the spyware."
Meanwhile, the parliamentary group of the ND has not reacted publicly "with this heavy silence being indicative of the climate that prevails in the background, with Ministers wondering if they themselves are being watched" as Vicky Samara writes.
The fallout from the scandal reaches to the heart of the EU
“Over the past 13 months, it has been revealed that spyware targeted opposition leaders, journalists, lawyers and activists in France, Spain, Hungary, Poland and even European Commission staff between 2019 and 2021.
The European Union has already launched an investigation into its own use of spyware, but even as the 38-strong committee works to write a report to be presented in early 2023, the number of new scandals continues to grow.
What makes the scandal in Greece special is the company behind the spyware that was used.
Until this particular scandal, the surveillance software in every EU scandal had the same 'headquarters': the notorious group NSO".
It is an acronym for Niv, Shalev and Omri, names of the founders of the Israeli technology company best known for Pegasus.
"However, the spyware spying on Koukakis' phone was made by Cytrox, a company founded in the small European nation of North Macedonia and acquired in 2017 by Tal Dilian."
The Magazine has written since 26/7 about Dilian, which states that it is based in Greece, the presentation of the black van with equipment that could make the contents of smartphones within a radius of one kilometer - with the push of a button -, to Forbes and his companies, Cytrox and Intellexa which has a branch in our country.
“In the interview he gave to Forbes about the tracking truck, he said he had acquired Cytrox and absorbed the company into Intellexa's intelligence firm, which is now believed to be based in Greece.
The arrival of Cytrox in Europe's ongoing scandal shows that the problem is bigger than the NSO Group. The European Union has a thriving spyware industry of its own.
While the NSO Group struggles to survive intense scrutiny and is blacklisted in the US, its lesser-known European competitors are scrambling to get their customers.
Tellingly, over the past couple of months, Cytrox is not the only local company making headlines for hacking devices within the EU.
In June, Google discovered that Italian spyware vendor RCS Lab was 'targeting' smartphones in Italy and Kazakhstan. RCS CEO Alberto Nobili told Wired that the company condemns the misuse of its products. He declined, however, to comment on whether the cases cited by Google were examples of misuse. It was limited to "RCS personnel are not exposed to, nor participate in, activities conducted by the relevant clients".
In July, spyware made by Austria's DSIRF was found by Microsoft to have infiltrated law firms, banks and consultants in Austria, Great Britain and Panama.
"Europe is definitely a hub," says the security intelligence researcher at the cyber firmbetter safetys Lookout, Justin Albrecht.
The creator company is revealed, but not who paid for the spyware
This upheaval in the spyware industry echoes what happened in 2015, when the well-known Italian spyware company “Hacking Team” was hacked and its emails were leaked online. "After that, we started to see different players take on some of the work that Hacking Team was doing."
The commercial Companies spyware are their industry killers. They allow the hacking to take place but do not select the target. Instead, whoever orders this malware remains unknown.
When researchers find spyware on a person's phone, they can tell which company created it. But no, who paid for it. Which means it's hard to decipher who's really to blame."
And so discussions begin, such as those taking place in Greece "where the Government continues to deny that it is using the Predator against Koukakis and Androulakis. Although the head of the Greek intelligence services reportedly admitted that he was legally monitoring Koukakis' phone, using local telecommunications companies.
The prime minister said that Androulakis had been put under the same kind of surveillance, stressing that "what was done was not illegal, but it was wrong".
Resignations preceded admissions. First, the head of Greek intelligence, Panagiotis Kontoleon, resigned.
He was soon followed by Grigoris Dimitriadis, the prime minister's chief of staff (and his nephew). Mediated was the claim of the reporter network of Greece, Reporters United, that Dimitriadis existed in the same circles as people who sold Cytrox spyware.
Neither the Prime Minister's Office nor the Greek Intelligence Service responded to WIRED's request for comment."
