Spyware Chief Hints Greek Government Behind Phone Hacks

The convicted founder of the Predator spyware consortium has suggested that Greece’s government was behind a sweeping phone-hacking campaign, intensifying scrutiny of a scandal that has already shaken the country’s political establishment. In remarks reported by Reuters, Intellexa founder Tal Dilian said he would not be a “scapegoat,” signaled an appeal, and offered to share evidence with regulators—remarks that, taken together, point directly at official authorization for the hacks.

Dilian’s comments matter because companies selling commercial spyware typically do business only with state entities. By asserting that his technology is built for governments to use lawfully, he implicitly placed responsibility for the operations on those clients, not contractors. That’s the clearest nod yet from inside Intellexa that the Greek state may have sanctioned the operation.

What the Conviction Covers in Greece’s Predator Case

A Greek court convicted Dilian and three associates for illegally obtaining personal data tied to a mass-surveillance campaign. He received an eight-year sentence, according to court records cited in local media, and has vowed to appeal. The case centers on Predator, a mercenary spyware suite capable of infiltrating iPhones and Android devices to siphon call logs, messages, emails, and location data—often after luring targets to tap a single malicious link.

Authorities have alleged that dozens of phones were compromised in Greece. The list of victims reported by investigative outlets and confirmed by independent researchers includes senior government ministers, opposition politicians, military officials, and journalists. Despite high-profile resignations in Athens at the height of the scandal, no government official has been convicted in connection with the hacking.

A Scandal That Rocked Athens and Shook Institutions

Often dubbed “Greek Watergate,” the episode triggered the departures of the national intelligence chief and a top aide to the prime minister after revelations that journalists had been surveilled. The government has repeatedly denied purchasing Predator or directing illegal surveillance, arguing that any use of spyware in Greece was conducted by private actors or outside proper oversight. Lawmakers later moved to tighten wiretap rules and restrict the domestic sale of spyware.

For opposition parties and press freedom groups, those steps did not resolve core questions: who ordered the infections, who handled the infrastructure that delivered Predator, and which agencies or intermediaries approved targeting? The latest remarks from Dilian revive those questions and add pressure for a fuller accounting.

Forensics and Paper Trails Exposing Predator Use

Civil-society investigators have documented the operation’s technical footprint. The Citizen Lab and Amnesty Tech analyzed Predator-linked domains and confirmed infections or targeted attempts against prominent Greek figures, including an opposition leader and a financial journalist. Their reports outlined how Predator implants persist, harvest data, and can activate microphones—capabilities comparable to other mercenary tools used worldwide.

Greece’s communications privacy watchdog, the Hellenic Authority for Communication Security and Privacy (ADAE), has conducted audits and issued findings on related lawful intercept orders involving the national intelligence service. While those legal taps are distinct from spyware abuses, the overlap of targets and timelines raised alarms among lawmakers and prompted calls for stronger oversight and transparency.

International Heat on Intellexa and Its Sanctions Fallout

Outside Greece, authorities have moved aggressively against the Intellexa network. The United States imposed sanctions on Dilian and several associated entities after Predator operations touched U.S. officials and journalists, effectively cutting sanctioned actors off from the dollar system and most reputable suppliers. Earlier, U.S. trade authorities placed companies tied to Predator development on a blacklist that restricts access to American technology.

Those actions have squeezed the commercial spyware market by raising compliance risks for banks, cloud providers, and resellers. For investigators, sanctions also create paper trails: compliance checks can surface shell companies and procurement pathways that reveal how spyware licenses move from vendors to end users, including government agencies.

Why Dilian’s Hint Lands Now and Raises Political Stakes

The timing is notable. Greek courts have issued rulings, parliamentary probes have run their course, and European institutions have weighed in. The European Parliament’s inquiry into spyware use, known as the PEGA committee, criticized the patchwork of national safeguards and urged tougher guardrails, citing Greece as a cautionary case for rule-of-law risks when executive branches control surveillance with limited independent review.

By offering to provide evidence to national and international regulators, Dilian is effectively inviting cross-border scrutiny. If regulators corroborate that Predator was licensed, hosted, or tasked with state knowledge, the political fallout in Athens could be significant—especially if documentation ties infrastructure, payments, or tasking systems to public entities.

Security and Democracy at Stake Amid Spyware Fallout

Beyond legal liability, the stakes are democratic. Surveillance of journalists and opposition leaders chills reporting, deters sources, and distorts political competition. Reporters Without Borders and local media unions have warned that such practices undermine public trust and weaken institutional checks on power.

The technical front is evolving, too. Apple and Google have burned through multiple zero-day fixes in response to commercial spyware, and threat notifications to high-risk users have surged following documented Predator and Pegasus campaigns. Yet patching can’t retroactively protect past conversations or contacts already exfiltrated—a reality that keeps demand high for independent investigations and judicial remedies.

What to Watch Next in the Greek Predator Spyware Saga

Dilian’s appeal, any evidence he produces, and potential cooperation from banks and hosting providers will shape the next phase. Lawmakers in Greece and Brussels are also weighing stronger guardrails, from tighter procurement rules and export controls to clearer pathways for victims to learn if they were targeted and to seek redress.

For now, the convicted spyware chief has done what prosecutors and parliament could not: put fresh, on-the-record pressure on the question at the heart of Greek Watergate—who was really in charge of the hacks.