EU Lawmaker Who Probed Spyware Abuse Was Targeted With Pegasus, Researchers Say

A former EU lawmaker who investigated spyware abuse was secretly targeted with Pegasus spyware, according to researchers at Citizen Lab.

A former member of the European Parliament who helped investigate the misuse of surveillance technology across the European Union was himself targeted with Pegasus spyware, according to researchers at Canada’s Citizen Lab on Friday.

Citizen Lab said in a new report that the mobile phone of Stelios Kouloglou, a Greek journalist and former EU lawmaker, was compromised at least three times between October 2022 and March 2023 using Pegasus, sophisticated spyware developed by Israel’s NSO Group.

At the time of the alleged cyberattacks, Kouloglou was serving on the European Parliament’s PEGA Committee, established in 2022 to investigate the unlawful use of spyware across European Union member states. The committee examined the deployment of Pegasus and similar surveillance tools, concluding that several governments had likely used such technologies both legally and unlawfully.

Reacting to the findings, Kouloglou said he was stunned that a member of the committee investigating spyware abuse had become a target.

“I was not expecting that a PEGA member would be spied on by Pegasus,” he told Reuters. “I was not expecting that they would be as reckless as that.”

NSO Group did not immediately respond to requests for comment on the allegations.

In a statement to Reuters, the European Parliament did not comment directly on Kouloglou’s case but said its cybersecurity teams continuously monitor threats targeting the institution. It added that spyware detection tools have been available to all lawmakers since 2022 and noted that a report adopted last month recommended extending those protections to every device used for parliamentary work.

The European Commission, the EU’s executive arm, also did not immediately respond to requests for comment.

NSO Group has consistently maintained that Pegasus is licensed exclusively to government agencies to combat serious crime and safeguard national security. However, the company has repeatedly faced allegations that its technology has been used to monitor journalists, political opponents, human rights activists and other members of civil society around the world.

The company was placed on a US government blacklist in 2021 over concerns related to human rights and national security. Last year, Meta Platforms, the parent company of WhatsApp, secured a damages award against NSO after accusing the firm of unlawfully exploiting its messaging platform. More recently, Meta sought a contempt order, alleging the company violated a court injunction.

Citizen Lab said it believes Kouloglou’s phone was infiltrated through an Apple software vulnerability that was unknown at the time of the attacks. The researchers added that Apple later warned the former lawmaker in both 2023 and 2024 that he had been targeted in state-sponsored hacking attempts.

Although Citizen Lab did not identify the entity responsible for deploying Pegasus against Kouloglou, it said elements of the hacking campaign resembled earlier operations targeting Russian- and Belarusian-speaking journalists and activists living in exile.

Apple said the software flaw referenced in the report has since been patched and noted that it routinely notifies users it believes have been targeted by sophisticated state-sponsored attackers.

Former EU lawmaker Sophie in ’t Veld, who played a key role in establishing the PEGA Committee, said the incident underscored the growing threat posed by commercial spyware and the lack of accountability surrounding its use.

She warned, “We’re in a situation where anybody could spy on anyone. They’re spying on citizens, journalists, NGOs, lawyers and politicians, and nobody knows who’s behind it.”

Related posts

Russian Missile And Drone Attack Kills 10 In Kyiv

Zelenskyy Cuts Ireland Visit Short After Warning Of Major Russian Attack

Johnson To Send Housing Affordability Bill To Trump Monday

This website uses cookies to improve User experience. Learn More