“Spyware Scandals Are Ripping Through Europe”
WIRED, August 15, 2022
By Morgan Meaker
“The latest crisis that rocked the Greek government shows the bloc’s surveillance problem goes beyond the notorious NSO Group.”
The text message that dragged Thanasis Koukakis into what’s being called Europe’s Watergate scandal was so innocuous, he can barely remember receiving it. The Athens-based financial journalist received the note on his black iPhone 12 Pro on July 12 last year from a Greek number he didn’t have saved. That wasn’t unusual for Koukakis, who has spent the past three years investigating the changes the government has been making to financial crime regulation. He gets a lot of messages—both from numbers he’s saved and those he hasn’t. This one addressed him directly. “Thanasis,” it read, “Do you know about this issue?” Koukakis clicked on the link that followed, which took him to a news story about a Greek banking scandal. He replied with a terse: “No.”
Koukakis, 44, did not think about the message until months later. In the days that followed, he was oblivious to the fact that the website that hosted the story he was sent had disappeared. He also did not know that by clicking on that link, he had opened an invisible door inside his phone, allowing spyware software called Predator to creep in to silently watch the messages and calls he was sending and receiving.
His phone kept working as if everything was normal, he says. Then, in December, Koukakis read a report about how Facebook parent company Meta had detected commercial spyware being used by customers in 10 different countries, including Greece. One of the links used to trick people into downloading the spyware was designed to look like CNN Greece—where he worked as an editor.
Suddenly suspicious, he contacted Meta, which connected him with researchers at Citizen Lab, a research facility at the University of Toronto that specializes in spyware. In March, they told him that he was being spied on. He went public with that information the following month, prompting uproar and an investigation by a Greek prosecutor. But the scandal was only getting started. On July 26, another person revealed he had also received a link infected with Predator spyware: Nikos Androulakis, leader of PASOK, Greece’s third largest political party.
Androulakis did not click on the infected link. But the fact someone had attempted to hack the phone of a serving opposition leader tipped the Greek government into crisis. Two officials have resigned so far and pressure is mounting on Prime Minister, Kyriakos Mitsotakis, to explain who’s behind the spyware.
The ripple effects of the scandal are reaching the heart of the European Union. Over the past 13 months, it has been revealed that spyware had targeted opposition leaders, journalists, lawyers and activists in France, Spain, Hungary, Poland and even staff within the European Commission, the EU’s cabinet-style government, between 2019 and 2021. The bloc has already set up an inquiry into its own use of spyware, but even as the 38-person committee works toward producing a report for early 2023, the number of new scandals is quickly mounting up.
About the Author:
Morgan Meaker is a senior writer at WIRED covering European business. Before that, she was a technology reporter at The Telegraph and also worked for Dutch magazine De Correspondent. In 2019 she won Technology Journalist of the Year at the Words by Women Awards. She was born in Scotland, lives in London, and is a graduate of City University’s International Journalism MA program.