Jack Recider

The Greek paper Inside Story exposed it. And once news broke out, it erupted in an explosion of articles. Then the Committee to Protect Journalists chimed in. Amnesty International echoed the story. The Council of Europe spoke up. It was news that could not be silenced.

The Greek government spoke up and said, we've never heard of this predator spyware, so clearly it's not us, okay? But now that this story made such a stink, other people started wondering if their phones were being targeted too. And so some more Greek people who thought something weird was going on on their phone sent the data to Citizen Lab for analysis.

The Greek government spoke up and said, we've never heard of this predator spyware, so clearly it's not us, okay? But now that this story made such a stink, other people started wondering if their phones were being targeted too. And so some more Greek people who thought something weird was going on on their phone sent the data to Citizen Lab for analysis.

And yeah, more instances of Predator were found. At this point, three people from Greece's civil society were confirmed to have Predator on their phone. One of these people was a journalist, and the other was the opposition leader, Nikos Andrioulakis, a politician. Now, by this time, Citizen Lab was getting pretty good at understanding how all this worked.

And yeah, more instances of Predator were found. At this point, three people from Greece's civil society were confirmed to have Predator on their phone. One of these people was a journalist, and the other was the opposition leader, Nikos Andrioulakis, a politician. Now, by this time, Citizen Lab was getting pretty good at understanding how all this worked.

First, the victim would receive a phishing text message, and these were crafty phishing messages.

First, the victim would receive a phishing text message, and these were crafty phishing messages.

Once the user clicks the link, it triggers a series of exploits on the phone. It may seem like it's just one click, but there's a whole bunch of steps that have to happen for the phone to get infected. The website exploits something within the Safari browser, which then gets a foothold on the phone. And from there, it downloads additional malware to infect the phone.

Once the user clicks the link, it triggers a series of exploits on the phone. It may seem like it's just one click, but there's a whole bunch of steps that have to happen for the phone to get infected. The website exploits something within the Safari browser, which then gets a foothold on the phone. And from there, it downloads additional malware to infect the phone.

And after a few steps, it then has the spyware binary file on the phone, which is able to watch what's going on with the camera, listen on the microphone, scrape passwords, read texts, and of course, report where the person is located. Now, the tricky thing about this malware was as soon as it would infect the phone, it would erase the tracks of the whole infection process.

And after a few steps, it then has the spyware binary file on the phone, which is able to watch what's going on with the camera, listen on the microphone, scrape passwords, read texts, and of course, report where the person is located. Now, the tricky thing about this malware was as soon as it would infect the phone, it would erase the tracks of the whole infection process.

So while it may have taken a few exploits to get it to work, those exploits were not visible to Citizen Lab since traces of how it got in were wiped. And this stinks because it means they can't go to Apple and show them this vulnerability that needs to be patched. It's like they caught the spy in the building but have no idea how he got in. So you don't know which door or window to go check on.

So while it may have taken a few exploits to get it to work, those exploits were not visible to Citizen Lab since traces of how it got in were wiped. And this stinks because it means they can't go to Apple and show them this vulnerability that needs to be patched. It's like they caught the spy in the building but have no idea how he got in. So you don't know which door or window to go check on.

And you have to think, hold on. If the Greek government paid all this money for this software, surely they didn't get it just to infect these three people. So who else is being targeted with this? People demanded that the Greek government say something now that three people had their phones infected.

And you have to think, hold on. If the Greek government paid all this money for this software, surely they didn't get it just to infect these three people. So who else is being targeted with this? People demanded that the Greek government say something now that three people had their phones infected.

And they said, oh, okay, yeah, well, we've heard of this predator spyware, but that's not something we have. Flat out denying it for a second time. But people didn't accept that as a good answer. In fact, they sort of narrowed down who would do such a thing. And they landed on, this must be the work of EYP, which is Greeks Intelligence Agency, pronounced ape. Because here's the thing.

And they said, oh, okay, yeah, well, we've heard of this predator spyware, but that's not something we have. Flat out denying it for a second time. But people didn't accept that as a good answer. In fact, they sort of narrowed down who would do such a thing. And they landed on, this must be the work of EYP, which is Greeks Intelligence Agency, pronounced ape. Because here's the thing.

This technology is supposedly only sold to intelligence agencies. So either they did it, or they know who did it, or should be investigating to find out who did it. And if they don't know who did it, then they're bad at their jobs, you know? So Ape has to know something about this.

This technology is supposedly only sold to intelligence agencies. So either they did it, or they know who did it, or should be investigating to find out who did it. And if they don't know who did it, then they're bad at their jobs, you know? So Ape has to know something about this.

And this circles back to the Greek prime minister, too, because as soon as he took office in 2019, he moved the Greek intelligence agency to be under the direct control of the prime minister's office. But not all news outlets were angry about this in Greece.