Greece Delivers First Spyware Convictions in Landmark Predator Surveillance Case
Four Intellexa executives sentenced to eight years in surveillance scandal that targeted 87 individuals and exposed dual-track state monitoring system.
An Athens court convicted four executives linked to Predator spyware on February 26, delivering Greece’s first criminal sentences in a surveillance operation that monitored 87 politicians, journalists, and military officials between 2020 and 2022.
The court found Tal Dilian, founder of Intellexa, his business partner Sara Aleksandra Fayssal Hamou, Greek businessman Felix Bitzios, and Giannis Lavranos guilty of violating personal data confidentiality and breaching telecommunications privacy. Each received a combined sentence of 126 years and eight months, with eight years to be served immediately, though all remain free pending appeal.
The verdict closes one chapter in what local media dubbed Al Jazeera called “Greek Watergate,” but leaves fundamental questions about state involvement unanswered. In July 2024, Greece’s Supreme Court concluded that no state ministry or agency had used Predator Spyware, yet 27 of the 87 Predator targets were simultaneously under Surveillance by Greece’s national intelligence service (EYP), including government ministers and senior military officers—an overlap critics say suggests coordination.
The Dual-Track Surveillance System
The scandal erupted in early 2022 when investigative journalist Thanasis Koukakis discovered he had been wiretapped by EYP and that his phone had also been infected with Predator, sophisticated software capable of infiltrating mobile phones, accessing messages and photos, and remotely activating microphones and cameras. The dual targeting—once through legal state surveillance, once through illegal spyware—became the scandal’s defining feature.
Among those under surveillance were politicians including Dimitris Avramopoulos, Giorgos Gerapetritis, Kostis Hatzidakis, Thanos Plevris, and Nikos Dendias, businessmen, journalists, EYP cadres, at least one Metropolitan bishop, and the editor of daily Kathimerini, Alexis Papachelas. According to reporting by Wikipedia, seven SMS messages sent to infect targets contained data about COVID-19 vaccination appointments—information only accessible through EYP surveillance.
Investigators revealed a dual-track monitoring system where targets were tracked via illegal Predator spyware and, in many cases, simultaneously placed under “legal” surveillance by EYP. The government has consistently denied any connection, insisting the overlap was purely coincidence and that no state law-enforcement agency ever procured or utilized Predator.
Political Fallout and Resignations
Prime Minister Kyriakos Mitsotakis placed EYP under his personal control in 2019, assigning responsibility to his nephew Grigoris Dimitriadis, and appointed Panagiotis Kontoleon as EYP chief after changing qualification requirements. The scandal forced both men to resign in August 2022. According to Al Jazeera, Mitsotakis’s government acknowledged lawfully monitoring Socialist party leader Androulakis but has denied any wrongdoing regarding Predator.
“This is the first conviction for the use of spyware in Greece but is nothing more than a good start because even now very serious crimes have not been investigated, such as the crime of espionage.”
— Zacharias Kesses, lawyer for Predator victims
The targeting of journalists led Greece to plummet from 70th to 108th place on the 2022 Reporters Without Borders Press Freedom ranking, the lowest position among EU countries.
The Intellexa Network and Cyprus Connection
Dilian, a former Israeli soldier, founded Intellexa, which marketed Predator in Greece. ICIJ reporting reveals that Intellexa built a far-reaching corporate network stretching across Europe—from North Macedonia to Hungary to Greece to Ireland—with a significant presence in Cyprus.
Predator is developed by Cytrox, originally based in North Macedonia, now part of the Intellexa Alliance group led by Dilian, a former Israeli intelligence member who also acquired Maltese citizenship through a passport sales scheme. Cyprus gave Dilian the ability to sell spyware without seeking approval from Israeli regulators while still allowing him to recruit hacking experts from Israel’s security establishment.
The European Parliament’s PEGA Committee investigated spyware abuses across the EU, issuing country-specific recommendations for Poland, Hungary, Spain, Cyprus, and Greece. Cyprus became a hub for Israeli surveillance firms seeking to operate within EU borders while avoiding Israeli export controls. According to one 2019 estimate, 29 Israeli-owned surveillance companies operated on the island.
In 2024, the U.S. government sanctioned Intellexa and several linked companies, along with Dilian and Hamou, for developing Predator spyware used to target Americans, including government officials and journalists. Intellexa and its entities were blacklisted by the U.S. Department of Commerce for engaging in activities contrary to U.S. national security interests.
Broader EU Spyware Crisis
- First criminal convictions for Predator spyware use in Europe set precedent for accountability
- Court ordered further investigation into potential espionage charges and third-party involvement
- 27 of 87 targets simultaneously monitored by both illegal spyware and state intelligence
- Case exposes regulatory gaps allowing Israeli surveillance firms to operate via Cyprus and Greece
- Victims considering appeal to European Court of Human Rights over inadequate investigation
The Greek case sits within a broader pattern of EU spyware abuse. An investigation found Intellexa alliance products in at least 25 countries across Europe, Asia, the Middle East and Africa, with corporate entities in France, Germany, Greece, Ireland, Czech Republic, Cyprus, Hungary, Switzerland, Israel, North Macedonia, and the UAE. According to Amnesty International, targets included UN officials, U.S. Senator John Hoeven, U.S. Congressman Michael McCaul, and the presidents of the European Parliament and Taiwan.
The court agreed to forward trial records to prosecutors for examination of both the convicted defendants and other individuals potentially implicated in the case, with prosecutors noting the scale, organization, and technical sophistication warranted examination of whether aspects could fall under Greek espionage provisions. Investigators flagged a supermarket employee whose prepaid card paid for malicious messages sent against 49 targeted individuals, and eight more individuals are expected to be investigated for alleged collaboration.
What to Watch
The February 26 verdict opens a new investigative phase. According to lawyer Christos Kaklamanis, the court requested that all individuals identified as Predator-linked message recipients who did not file complaints—including political figures and senior armed forces members—be called to testify, with timing critical as certain offenses risk becoming time-barred.
Debate continues about whether the Supreme Court’s investigation was sufficient, with some Predator targets considering taking their fight to the European Court of Human Rights. The case tests whether EU member states can hold surveillance vendors accountable when state agencies remain shielded from prosecution—a question with implications far beyond Greece as commercial spyware proliferates across democratic societies.
The convictions represent what TechCrunch notes is the first known time a spyware maker has been sentenced to jail following the misuse of their technology. Whether prosecutors pursue espionage charges—and whether they follow the evidence into government offices—will determine if this verdict marks genuine accountability or merely punishes the messengers while protecting the clients.