Daily Beirut
Edition·Independent — Beirut, Lebanon

World

European Parliament Investigator Targeted by Pegasus Spyware Attacks

Greek politician Stelios Kouloglou's phone was hacked with Pegasus spyware while investigating its misuse, raising concerns over spyware abuse in Europe.

··2 min read
European Parliament Investigator Targeted by Pegasus Spyware Attacks
Share

Greek journalist and former politician Stelios Kouloglou experienced multiple hacks on his phone using Pegasus spyware during 2022 and 2023, according to researchers at the University of Toronto’s Citizen Lab. Kouloglou was serving on the European Parliament’s PEGA committee, which investigates spyware abuses by European governments, when his phone was compromised.

Citizen Lab’s report marks the first public identification of a PEGA committee member falling victim to spyware attacks. Kouloglou described the breach as “reckless,” while a current European lawmaker called it a “direct attack on the rule of law,” urging the European Commission to enforce strict regulations on spyware use within the EU’s 27 member states.

Details of the Pegasus Spyware Exploits

The spyware attacks on Kouloglou’s phone exploited a security flaw in Apple’s iPhone software, specifically a zero-click vulnerability in Apple’s smart home software. This flaw allowed Pegasus to access private data such as text messages, location information, photos, and other correspondence without any action required from Kouloglou. The vulnerability had been patched by Apple, but Kouloglou’s phone had not yet received the update at the time of the attacks.

Citizen Lab’s findings indicate Kouloglou’s phone was first hacked in October 2022 and then at least twice in March 2023. The initial hack coincided with intense email and text message exchanges related to the committee’s draft report on spyware abuses in countries including Cyprus, Greece, Hungary, Poland, and Spain. Notably, the October hack occurred while Kouloglou was hospitalized for a scheduled surgery, potentially allowing attackers to capture ambient audio from his surroundings.

Implications for European Spyware Investigations

The March 2023 hacks took place as Kouloglou traveled from Athens to Brussels amid committee hearings leading up to the finalization of the PEGA committee’s report. The timing and targeting suggest a focused effort to monitor the committee’s activities through the spyware it was investigating.

Citizen Lab did not specify the government responsible for the hacking but noted that the Pegasus-loaded email address used matched one from a previous campaign targeting journalists across Europe. This reuse implies that the customer had NSO Group’s authorization to deploy Pegasus spyware in multiple European countries.

Kouloglou expressed anger upon learning about the intrusion, emphasizing that the breach affected both his professional and deeply personal data. He plans to take legal action against NSO Group, the Israeli company behind Pegasus spyware. NSO Group remains largely prohibited from use within the United States following an executive order banning government use of spyware that violates human rights.

Last year, NSO Group confirmed that an unnamed American investment group injected tens of millions of dollars into the company, likely aiming to improve its public image after associations with human rights abuses.

Kouloglou stated that he is sharing his experience publicly to support democracy, human rights, and anti-corruption efforts, highlighting that corruption is a concern for everyone.

Add Daily Beirut to your Google News feed to get the latest first.
Share