MEP investigating Pegasus abuses was himself hacked with the spyware
While investigating the abuses of the Pegasus spyware, one of the members of the relevant European Parliament committee himself became a victim. According to a new investigation by Citizen Lab, the attack was likely carried out by the same Pegasus operator who monitored independent journalists and opposition activists from Russia and Belarus in Europe. The Guardian writes about this.

Pegasus is spyware developed by the Israeli company NSO Group. It is sold to government agencies and is officially intended for investigating serious crimes and combating terrorism. However, the Pegasus Project investigation, published in 2021 by The Guardian together with an international consortium of journalists, showed that the program was also used against journalists, human rights activists, politicians, and other representatives of civil society.
Following this, in March 2022, the European Parliament created a special committee, PEGA, which was tasked with clarifying the scale of the use of Pegasus and other spyware in violation of European Union law.
Stelios Kouloglou, a journalist and then-MEP from the Greek Syriza party, joined the committee immediately after its creation. According to Citizen Lab, the first infection of his phone occurred on October 21, 2022 — approximately seven months after he began working with PEGA.
At that time, Kouloglou was in hospital after a scheduled operation.
A repeat infection of the phone was recorded on March 6 and 7, 2023, when the Pega committee was working on the final version of the Pega report. During these days, the politician was traveling from Athens to Brussels.
Although researchers were unable to determine which specific government client used Pegasus against Kouloglou, they believe the attack was carried out by the same operator who previously monitored seven independent journalists and opposition activists from Russia and Belarus residing in Europe (an attack notification was received by the head of the "European Belarus" campaign, Andrei Sannikov, and the editor-in-chief of "Charter-97," Natallia Radzina). According to Citizen Lab, this is indicated by the use of the same unique Apple ID address during the attacks. Researchers also believe that this government client likely held licenses to use Pegasus in Greece and Belgium.
Citizen Lab Senior Researcher John Scott-Railton called this case "the bitter irony of Europe's spyware crisis." According to him, a person investigating the use of Pegasus himself became its victim, and the recommendations of the Pega committee were then effectively ignored.
According to the researcher, if the situation does not change, other MEPs may become the next victims. He does not rule out that some parliamentarians are already participating in votes and closed meetings, unaware that their phones have been turned into espionage devices.
Comments