Commercial spyware companies have sold phone-hacking tools to governments for over a decade with virtually no criminal consequences for misuse. That changed on February 26 when an Athens court convicted four individuals behind the Predator spyware — including Intellexa founder Tal Dilian — and sentenced them to eight years in prison for illegally surveilling at least 87 Greek politicians, journalists, and military officials. It is the first time anywhere in the world that commercial spyware makers have been held criminally liable for deploying their products.
Commercial spyware companies have sold phone-hacking tools to governments for over a decade with virtually no criminal consequences for misuse. That changed on February 26 when an Athens court convicted four individuals behind the Predator spyware — including Intellexa founder Tal Dilian — and sentenced them to eight years in prison for illegally surveilling at least 87 Greek politicians, journalists, and military officials. It is the first time anywhere in the world that commercial spyware makers have been held criminally liable for deploying their products.
The court also ordered investigations into felony charges including espionage and state secrets violations, potentially implicating government officials who may have directed the surveillance. But all four defendants were absent from court, the sentences are suspended pending appeal, and the Trump administration recently eased United States sanctions on several Intellexa-linked figures — raising the question of whether this verdict marks the start of real enforcement or remains a symbolic milestone in a multi-billion-dollar industry that has sold hacking tools to at least 25 countries.
Politicians, journalists, military officials, and business leaders whose phones were illegally targeted with Predator spyware in Greece between 2020 and 2022.
8 years
Maximum sentence imposed
Each defendant received a combined 126 years across all counts, capped at 8 years under Greek misdemeanor sentencing law.
25+
Countries where Predator was sold
Intellexa's spyware was deployed across Europe, the Middle East, Africa, and Asia, according to Citizen Lab and Amnesty International research.
First
Criminal convictions of spyware makers globally
No commercial spyware vendor had previously been convicted in a criminal court for the misuse of their surveillance products.
Click a figure to generate their perspective on this story
Debate Arena
Two rounds, two personas, one winner. You set the crossfire.
Choose Your Battle
Watch two AI personas debate this story using real evidence
Make predictions and set the crossfire to earn XP and cred
Select Your Champions
Choose one persona for each side of the debate
DEBATE TOPIC
SIDE A (PRO)
Select debater for this side:
✓
SIDE B (CON)
Select debater for this side:
✓
Choose personas with different perspectives for a more dynamic debate
VS
Get ready to make your prediction...
Round of
Claim
Evidence
Stakes
Crossfire Answer
Closing Statement
Claim
Evidence
Stakes
Crossfire Answer
Closing Statement
Your Crossfire Question
Generating arguments...
Who's Got This Round?
Make your prediction before the referee scores
Correct predictions earn +20 XP
Evidence
40%
Logic
30%
Detail
20%
Style
10%
Round Results
Your Pick!
+20 XP
Your Pick
Not this time
Evidence (40%)
Logic (30%)
Detail (20%)
Style (10%)
Overall Score
/10
Your Pick!
+20 XP
Your Pick
Not this time
Evidence (40%)
Logic (30%)
Detail (20%)
Style (10%)
Overall Score
/10
Set the Crossfire
Pick the question both personas must answer in the final round
Crafting crossfire questions...
Choosing a question earns +10 XP crossfire bonus
🏆
Total XP Earned
Cred Change
Predictions
Debate Oracle! You called every round!
Sharp Instincts! You know your debaters!
The Coin Flip Strategist! Perfectly balanced!
The Contrarian! Bold predictions!
Inverse Genius! Try betting the opposite next time!
XP Breakdown
Base completion+20 XP
Rounds played ( rounds x 5 XP)
+ XP
Correct predictions ( correct x 20 XP)
+ XP
Crossfire bonus+10 XP
Accuracy
%
Prediction History
Round
You picked:
✓✗
Keep debating to level up your credibility and unlock achievements
People Involved
TD
Tal Jonathan Dilian
Founder of the Intellexa spyware consortium (Convicted and sentenced to 8 years (in absentia); remains under U.S. Treasury sanctions)
Nikos Androulakis
Leader of PASOK-KINAL party; Member of the European Parliament; primary surveillance target (Pursuing further legal action, including at the European Court of Human Rights)
Former General Secretary to Prime Minister Mitsotakis; PM's nephew (Resigned in August 2022; sued journalists who reported on his connections to Intellexa)
Organizations Involved
IN
Intellexa Consortium
Commercial surveillance technology company
Status: Under U.S. sanctions; four associates convicted in Greece; operations reportedly continuing through restructured entities
A multi-jurisdictional network of companies that developed and sold the Predator phone-hacking spyware to governments in at least 25 countries.
GR
Greek National Intelligence Service (EYP)
National intelligence agency
Status: Exonerated by Greek Supreme Court prosecutor in 2024; court ordered further investigation into possible EYP involvement
Greece's intelligence service, which conducted parallel surveillance of many of the same individuals targeted by Predator spyware, and which a 2024 Supreme Court investigation cleared of involvement — a conclusion widely disputed by victims and human rights organizations.
EU
European Parliament PEGA Committee
Parliamentary committee of inquiry
Status: Concluded; recommendations adopted by European Parliament in June 2023
A European Parliament investigative committee that spent 15 months probing spyware abuse across EU member states, finding that Predator was used in Greece 'for political and economic gain.'
Timeline
Athens court convicts four Predator spyware makers
Legal
The Second Single-Member Misdemeanor Court of Athens found Tal Dilian, Sara Hamou, Felix Bitzios, and Yiannis Lavranos guilty on all counts, sentencing each to a maximum of 8 years. The court ordered further prosecutions into felony charges including espionage.
U.S. senators demand explanation for lifted spyware sanctions
Political
Senators Michael Bennet, Elizabeth Warren, and colleagues pressed the Treasury and State Departments to explain the sanctions rollback, citing risks to American citizens and journalists.
Trump administration lifts sanctions on three Intellexa-linked figures
Regulatory
The Treasury Department removed sanctions on Sara Hamou, Andrea Gambazzi, and Merom Harpaz, stating they had 'demonstrated measures to separate themselves' from the consortium. Dilian and Intellexa remain sanctioned.
Intellexa Leaks reveal continued operations despite sanctions
Revelation
An investigation by Inside Story, Haaretz, and Amnesty International published leaked internal documents showing Intellexa had continued operating, developed zero-click attack methods, and could remotely access its customers' surveillance systems.
Jury awards WhatsApp $168 million against NSO Group
Legal
A U.S. federal jury ordered NSO Group to pay $168 million in damages for deploying Pegasus spyware against 1,400 WhatsApp users — the first financial accountability verdict against a spyware company.
Greek Supreme Court clears intelligence service of Predator involvement
Legal
Deputy Supreme Court Prosecutor Achilleas Zisis concluded that no state agency used Predator — a finding that victims, Reporters Without Borders, and Human Rights Watch called a cover-up.
U.S. Treasury sanctions Intellexa founder Dilian
Regulatory
The Treasury Department designated Dilian, business partner Sara Hamou, and five Intellexa entities — the first time the U.S. had sanctioned individuals for commercial spyware misuse.
U.S. blacklists Intellexa and Cytrox
Regulatory
The Commerce Department added Intellexa and Cytrox entities in Greece, Ireland, North Macedonia, and Hungary to the Entity List for trafficking in cyber exploits.
European Parliament adopts spyware inquiry recommendations
Regulatory
The Parliament adopted the PEGA committee's findings that Predator was used in Greece 'for political and economic gain' and called for binding EU spyware regulations. The recommendations remain non-binding.
Biden signs executive order restricting spyware use
Regulatory
President Biden signed the first executive order banning U.S. government use of commercial spyware that poses national security or human rights risks.
PM Mitsotakis admits EYP wiretapped Androulakis
Political
In a televised address, the Prime Minister acknowledged the intelligence service had wiretapped the opposition leader but denied personal knowledge and insisted the surveillance was legal.
PM's nephew and intelligence chief resign within an hour
Political
Grigoris Dimitriadis, the Prime Minister's nephew and chief of staff with intelligence oversight, resigned. EYP director Panagiotis Kontoleon followed less than an hour later.
Androulakis goes public, triggering political crisis
Political
The PASOK leader publicly disclosed his surveillance and filed a complaint with the Supreme Court, igniting what became known as 'Predatorgate' — the largest political surveillance scandal in modern Greek history.
Inside Story breaks the Greek Predator story
Revelation
Greek investigative outlet Inside Story reported the confirmed Predator infection of Koukakis's phone and revealed that at least 50 Greek web domains mimicking news sites had been purchased as infection vectors.
U.S. blacklists NSO Group, signaling shift on spyware
Regulatory
The U.S. Commerce Department added NSO Group and Candiru to its Entity List for developing spyware used to target journalists and government officials — the first major regulatory action against commercial spyware vendors.
Opposition leader Androulakis targeted by Predator
Surveillance
Weeks after declaring his candidacy for the PASOK party leadership, Androulakis received a text containing a Predator infection link. He did not click it. EYP was separately wiretapping him at the time.
Koukakis's phone infected with Predator spyware
Surveillance
Koukakis clicked a malicious link that installed Predator on his device. Citizen Lab later confirmed the infection lasted until September 2021.
EYP placed financial journalist Thanasis Koukakis under surveillance for three months, citing 'national security reasons.' His phone was later also infected with Predator.
Dilian established Intellexa in Athens and acquired North Macedonian firm Cytrox, the original developer of Predator spyware, building a multi-jurisdictional surveillance consortium.
Dilian demonstrates spyware capabilities in Forbes interview
Revelation
Tal Dilian sat in a surveillance van in Larnaca, Cyprus, and showed Forbes reporters how it could hack any smartphone within 500 meters — drawing international attention to his surveillance business.
Scenarios
1
Convictions upheld on appeal, enforcement proves elusive
Discussed by: TechCrunch, Bloomberg, and digital rights organizations including the Electronic Frontier Foundation
The appeals court upholds the convictions, establishing durable legal precedent. However, since all four defendants were tried in absentia and reside outside Greece, enforcement depends on international cooperation. Greece would need to issue European Arrest Warrants or rely on Interpol — mechanisms that have historically struggled with white-collar fugitives operating across multiple jurisdictions. The precedent matters more than the prison time: other countries' prosecutors can cite the Greek ruling when building their own cases.
2
Greek prosecutors charge government officials in expanded investigation
Discussed by: Reporters Without Borders, Human Rights Watch, PASOK-KINAL party, and European Parliament members
The court's order for further prosecutions into espionage, state secrets violations, and the involvement of intelligence service personnel and 'third parties' leads to charges against Greek officials who may have directed or facilitated the surveillance. This would directly challenge the 2024 Supreme Court finding that cleared EYP. The overlap between EYP wiretaps and Predator infections — with at least 27 individuals surveilled by both simultaneously — provides prosecutors with circumstantial evidence of coordination. Political obstacles are significant: the ruling New Democracy party controls the parliamentary majority.
Discussed by: Defense attorneys for the convicted, Bloomberg legal analysts
Defense lawyers challenge the convictions on procedural grounds, arguing that the in absentia trials, the misdemeanor classification of charges that involved 87 victims, or evidentiary issues warrant reversal. Greek appeals courts have historically been receptive to procedural challenges, and the case's political sensitivity could cut either way. An overturn would not erase the precedent entirely — the trial record and initial verdict would still inform future cases — but it would significantly weaken the message to the global spyware industry.
4
Greek ruling triggers criminal investigations in other countries
Discussed by: Amnesty International, Citizen Lab, the Organized Crime and Corruption Reporting Project, and the Pall Mall Process diplomatic framework participants
Prosecutors in other countries where Predator was deployed — or where its victims reside — open their own criminal investigations, citing the Greek precedent. France, which co-leads the Pall Mall Process on spyware governance, and Germany, which previously pursued the FinFisher case, are the most likely jurisdictions. The December 2025 Intellexa Leaks, which documented operations in countries from Angola to Kazakhstan, provide evidentiary foundations. The WhatsApp v. NSO damages verdict adds civil liability pressure alongside criminal exposure.
Historical Context
FinFisher prosecution in Germany (2019-2023)
July 2019 - 2023
What Happened
German prosecutors opened a criminal investigation into FinFisher, a Munich-based spyware company, after Reporters Without Borders and other organizations filed complaints that its FinSpy tool had been illegally exported to Turkey's intelligence agency via a Bulgarian front company. Formal charges were brought against four former executives in May 2023 for violating dual-use export controls.
Outcome
Short Term
FinFisher filed for bankruptcy in 2022 after prosecutors froze its accounts, effectively dissolving the company before the trial could conclude.
Long Term
The case demonstrated both the viability and fragility of criminal prosecution against spyware makers — charges could be brought, but corporate dissolution could render them moot.
Why It's Relevant Today
The FinFisher case is the closest prior attempt at criminal prosecution of a spyware vendor. The Greek verdict succeeds where Germany's case collapsed: reaching an actual conviction. But the FinFisher pattern — defendants who are difficult to reach and corporate structures designed to evade jurisdiction — applies equally to the Intellexa case.
WhatsApp v. NSO Group verdict (2019-2025)
October 2019 - May 2025
What Happened
Meta's WhatsApp subsidiary sued NSO Group in U.S. federal court after discovering that Pegasus spyware had been deployed against approximately 1,400 WhatsApp users through a vulnerability in the app's calling feature. In December 2024, a judge ruled NSO liable. In May 2025, a jury awarded WhatsApp $168 million in damages — including $167 million in punitive damages.
Outcome
Short Term
NSO Group filed a motion for a new trial and appealed the verdict. The company faces severe financial pressure from the judgment and ongoing U.S. sanctions.
Long Term
The verdict established that spyware companies can be held financially liable in civil courts for how their products are used — a complementary accountability path to criminal prosecution.
Why It's Relevant Today
The Greek criminal conviction and the WhatsApp civil verdict together close a loop that spyware vendors long considered open: that making and selling surveillance tools carried no legal consequences. One path leads to prison sentences, the other to financial damages. NSO's appeal and the Greek defendants' appeal will determine whether both paths hold.
Hacking Team data breach and aftermath (2015)
July 2015
What Happened
A hacktivist leaked over 400 gigabytes of internal data from Italian spyware company Hacking Team, revealing that the firm had sold its Remote Control System surveillance tool to governments in Sudan, Saudi Arabia, Egypt, Ethiopia, and other countries with poor human rights records — contradicting the company's public claims of compliance with export controls.
Outcome
Short Term
The breach exposed the spyware industry's practices to unprecedented public scrutiny. Several governments temporarily suspended contracts with Hacking Team.
Long Term
Despite irrefutable documentation of sales to abusive regimes, Hacking Team was never criminally prosecuted for its surveillance activities. The company rebranded and continued operating. The episode became a defining example of exposure without accountability.
Why It's Relevant Today
The Hacking Team case illustrates the default outcome for spyware scandals prior to this verdict: public exposure, temporary embarrassment, and no legal consequences. The Greek ruling represents a departure from that pattern — but the Hacking Team precedent is a reminder that exposure alone, even on a massive scale, does not guarantee accountability.
