European Parliament Investigator’s Phone Hacked with Pegasus Spyware, Rekindling Spyware Abuse Controversy

by Anika Shah - Technology
0 comments

European Politician Hacked with Pegasus Spyware, Raising Concerns Over Government Surveillance

Security researchers have confirmed that Stelios Kouloglou, a Greek journalist and former politician, was targeted by Pegasus spyware in 2022 and 2023, marking the first time that a member of the European Parliament’s PEGA committee, tasked with investigating phone spyware attacks by European governments, has been publicly identified as a victim of spyware, according to the University of Toronto’s Citizen Lab.

How Was Kouloglou Hacked?

Kouloglou’s phone was compromised using a zero-click exploit that exploited an unpatched vulnerability in Apple’s iPhone software, as reported by Citizen Lab. The attackers used a previously discovered flaw in Apple’s smart home software, allowing them to access private data—including text messages, location information, and photos—without any user interaction. The hack occurred in October 2022 and at least twice during March 2023, with the March attacks happening during a trip from Athens to Brussels.

“You realize that all of your personal data [was taken]—not all the professional exchanges or messages with ministers—but also the very private things, like the happy moments and the sad moments,” Kouloglou told TechCrunch, expressing his distress over the breach.

Why Does This Matter?

The targeting of Kouloglou, who was investigating government use of spyware, has raised alarms about the potential misuse of surveillance tools. The European Parliament’s PEGA committee faced a direct threat to its work. The hack occurred amid preparations for a report on spyware abuses in Cyprus, Greece, Hungary, Poland, and Spain, suggesting a deliberate effort to undermine the investigation.

A European lawmaker described the attack as a “direct attack on the rule of law,” urging the European Commission to impose stricter regulations on spyware use.

Who Is Behind the Attack?

Citizen Lab did not identify the specific government responsible for the hack but noted that the same Pegasus-loaded email address used in previous campaigns targeting European journalists was involved. The reuse of this email address implies the attacker had authorization from the NSO Group, the Israeli company that develops Pegasus, according to the report.

European Parliament begins investigation into Pegasus spyware as MEP hacks revealed

NSO Group has faced widespread criticism for enabling human rights abuses through its spyware. The company remains largely banned from use in the United States following a Biden-era executive order. Despite this, the company has continued operations, with recent reports indicating investments from an unnamed American group.

What’s Next for Kouloglou?

Kouloglou plans to sue NSO Group. “I’m doing this for democracy, human rights, and the fight against corruption,” he said.

What’s Next for Kouloglou?

The European Commission has not commented on the incident, and NSO Group has not responded to requests for clarification.

How Can Users Protect Themselves?

Apple has since issued patches for the vulnerability exploited in Kouloglou’s case. Users are advised to install software updates promptly to mitigate risks.

Related Posts

Leave a Comment