Pegasus Infected an EU Lawmaker While He Investigated Pegasus
Citizen Lab has confirmed that former Member of the European Parliament Stelios Kouloglou was repeatedly hacked with NSO Group’s Pegasus spyware during his tenure on the PEGA committee — the very body tasked with investigating Pegasus and equivalent spyware abuses across Europe. Forensic analysis of his iPhone, which he submitted in May 2026, showed successful infections around October 21, 2022 and again on March 6-7, 2023, most likely delivered via the PWNYOURHOME zero-click exploit that abused HomeKit and MessagesBlastDoorService on iOS. Apple’s own mercenary-spyware threat notifications, issued on three separate dates, corroborate the targeting, though Kouloglou says he doesn’t recall receiving them.
The timing is pointed. The first infection landed ten days before a PEGA fact-finding mission to Greece and Cyprus, during committee hearings and while the panel’s first draft report — covering spyware allegations in Poland, Hungary, Greece, Cyprus, and Spain — was being circulated among members over text and email. That means the operator plausibly captured confidential committee deliberations, potentially breaching EU parliamentary privilege. It also caught Kouloglou on the day he was hospitalized for elective surgery and met with journalist Thanasis Koukakis (himself a Predator spyware victim), raising the prospect that protected medical data was swept up too.
Citizen Lab stops short of naming a culprit and found no evidence implicating the Greek government. Instead, it flags an overlap between the first infection and a known Pegasus campaign against Russian- and Belarusian-speaking exiles in Europe, pointing to a single customer with authorization to operate across multiple European countries. The case underscores how mercenary spyware continues to reach the officials meant to rein it in, and how difficult attribution remains even with solid forensic evidence.
Read the full article
Continue reading at Hacker News →This is an AI-generated summary. Read the original for the full story.