A dual U.S.-Greek national working for Meta Platforms Inc. was surveilled by surveillance-for-hire software for around one year, it was reported today.
At the time, Artemis Seaford was in Greece working as a trust and safety manager on Meta’s security policy team. Why she was hacked is unclear, but it’s now certain that her phone had been corrupted by the cyberespionage tool known as “Predator.” According to a report in the New York Times, this could make her the first American to be spied on in Europe using such technology — or at least the first we know about.
Predator spyware is made by a company called Cytrox, a somewhat mysterious cybersecurity firm headquartered in Skopje, Macedonia. In 2021, it was one of several surveillance-for-hire companies that Meta banned on its platforms after it was discovered they were surveilling as many as 50,000 of Meta’s users.
The spyware is now reportedly being used by authoritarian governments all over the world, although one would hope democratic governments are not engaging with firms such as Cytrox. In 2022, during what became known as the “Greek Watergate,” the Greek government was accused of spying on a number of its own citizens, including politicians, journalists, activists and business owners.
It seems that Seaford might have been caught up in this, but for what exact reason, she doesn’t know. She said she became suspicious after seeing her name in appear on a list of possible spyware targets. She later took her phone to Citizen Lab, a digital research unit at the University of Toronto, and the bug was revealed.
Citizen Lab later said that such a hack was “diabolical” and these mercenary-type spying firms need to be put under control. This isn’t the first time that Citizen Lab has discovered mercenary hackers essentially attacking a democracy, while a number of similar surveillance companies have already faced sanctions in the U.S.
“Like myself, many others who appear to have been targeted by Predator are ordinary citizens with no reasonable claim to being a ‘national security threat,’” Seaford tweeted today. “I hope is this story will encourage other victims of spyware abuse to speak out.”