EU lawmaker investigating surveillance hacked by Israeli spyware, report says
✓Greek former parliamentarian Stelios Kouloglou targeted with Pegasus software, Citizen Lab analysis finds.
A former member of the European Parliament was hacked with Pegasus spyware while serving on a committee investigating surveillance by the tool’s Israeli creator, a Canadian research group has found.
The iPhone of Greek investigative journalist Stelios Kouloglou, who served as an MEP from 2015 to 2024, was infected at least three times with Pegasus spyware in 2022 and 2023, Citizen Lab said in a report released on Friday.
The three incidents, which occurred while Kouloglou was in Athens and Brussels, coincided with the ex-parliamentarian’s time on a committee tasked with investigating the illegal use of Pegasus and other spying tools in the European Union, according to Toronto-based Citizen Lab.
European lawmakers established the PEGA Committee in 2022 following revelations that governments in the bloc had used Pegasus to monitor journalists, activists, politicians, and other citizens.
Kouloglou received Apple threat notifications about possible Pegasus breaches after the intrusions, but only months after each incident, according to Citizen Lab.
Kouloglou, who did not immediately respond to Al Jazeera’s request for comment, requested that the research group conduct a forensic investigation of his phone in May.
Citizen Lab said in its report that the incident highlighted the “serious threat that mercenary spyware poses to the integrity of democratic processes”.
“Whichever entity is responsible for the hacking, the infection could have exposed strictly confidential exchanges among PEGA Committee members and their staff, and other sensitive and confidential parliamentary proceedings, including to parties under investigation by the Committee itself,” the report said.
Citizen Lab did not attribute the hacking to a particular government, but said it found no evidence to suggest that the Greek government was responsible.
Pegasus, developed and sold by Herzliya-based NSO Group in Israel, allows its operator to secretly take control of a target’s phone, allowing remote access to a device’s messages, photos, contacts, camera and microphone.
While NSO Group markets Pegasus as a legitimate tool for law enforcement and intelligence agencies to target criminal groups, the spyware has also been used to spy on journalists, lawyers, dissidents, and government officials.
In 2021, NSO Group was blacklisted by the administration of United States President Joe Biden for acting “contrary to the foreign policy and national security interests of the US”.
Last year, a US judge also barred NSO Group from targeting the encrypted messaging app WhatsApp, arguing that its software causes “direct harm”.
NSO Group did not immediately respond to a request for comment. The company has previously said it carefully vets buyers and that it has terminated contracts with users found to have abused the software.
The European Commission did not immediately respond to inquires.
Rand Hammoud, director of the security, surveillance and human rights programme at the Center for Democracy and Technology Europe, said the case should concern “everyone who cares about democracy, fundamental rights, and the rule of law in Europe”.
“The fact that a member of the European Parliament serving on the PEGA Committee, the very committee established to investigate spyware abuse, was reportedly targeted with Pegasus raises serious concerns about the integrity of democratic oversight itself,” Hammoud told Al Jazeera.
She described the cyberattacks as part of a “broader failure to effectively rein in the commercial spyware market”.
German MEP Hannah Neumann, who also served on the PEGA Committee, said the European Parliament should immediately investigate the breaches.
“Spyware doesn’t make democracies safer,” Neumann said in a post on X. “It weakens democratic oversight, parliamentary independence and the rule of law.”
Read the full story at Al Jazeera ↗ · The Guardian ↗
A former European Parliament member investigating spyware abuse was himself targeted with Pegasus software while serving on that oversight committee. Greek investigative journalist and MEP Stelios Kouloglou's iPhone was compromised at least three times during 2022-2023, according to analysis by Citizen Lab, a Toronto-based research organisation. The infections aligned with his work on the PEGA Committee, established in 2022 to investigate illegal spyware use across the EU. Apple notified Kouloglou of potential breaches, but the notifications came months after each intrusion. Citizen Lab's analysis did not identify which entity conducted the hacking or confirm Greek state involvement. Pegasus, made by Israeli firm NSO Group, enables remote access to device data including messages, photos, and camera feeds. The company says it sells only to vetted law enforcement and intelligence buyers, though documented cases show use against journalists and activists. The US blacklisted NSO Group in 2021 and a US judge later barred it from targeting WhatsApp. EU and parliamentary responses to Kouloglou's case were not immediately available.
Read the full story at Al Jazeera ↗ · The Guardian ↗
Greek former parliamentarian Stelios Kouloglou targeted with Pegasus software, Citizen Lab analysis finds.
A former member of the European Parliament was hacked with Pegasus spyware while serving on a committee investigating surveillance by the tool’s Israeli creator, a Canadian research group has found.
The iPhone of Greek investigative journalist Stelios Kouloglou, who served as an MEP from 2015 to 2024, was infected at least three times with Pegasus spyware in 2022 and 2023, Citizen Lab said in a report released on Friday.
The three incidents, which occurred while Kouloglou was in Athens and Brussels, coincided with the ex-parliamentarian’s time on a committee tasked with investigating the illegal use of Pegasus and other spying tools in the European Union, according to Toronto-based Citizen Lab.
European lawmakers established the PEGA Committee in 2022 following revelations that governments in the bloc had used Pegasus to monitor journalists, activists, politicians, and other citizens.
Kouloglou received Apple threat notifications about possible Pegasus breaches after the intrusions, but only months after each incident, according to Citizen Lab.
Kouloglou, who did not immediately respond to Al Jazeera’s request for comment, requested that the research group conduct a forensic investigation of his phone in May.
Citizen Lab said in its report that the incident highlighted the “serious threat that mercenary spyware poses to the integrity of democratic processes”.
“Whichever entity is responsible for the hacking, the infection could have exposed strictly confidential exchanges among PEGA Committee members and their staff, and other sensitive and confidential parliamentary proceedings, including to parties under investigation by the Committee itself,” the report said.
Citizen Lab did not attribute the hacking to a particular government, but said it found no evidence to suggest that the Greek government was responsible.
Pegasus, developed and sold by Herzliya-based NSO Group in Israel, allows its operator to secretly take control of a target’s phone, allowing remote access to a device’s messages, photos, contacts, camera and microphone.
While NSO Group markets Pegasus as a legitimate tool for law enforcement and intelligence agencies to target criminal groups, the spyware has also been used to spy on journalists, lawyers, dissidents, and government officials.
In 2021, NSO Group was blacklisted by the administration of United States President Joe Biden for acting “contrary to the foreign policy and national security interests of the US”.
Last year, a US judge also barred NSO Group from targeting the encrypted messaging app WhatsApp, arguing that its software causes “direct harm”.
NSO Group did not immediately respond to a request for comment. The company has previously said it carefully vets buyers and that it has terminated contracts with users found to have abused the software.
The European Commission did not immediately respond to inquires.
Rand Hammoud, director of the security, surveillance and human rights programme at the Center for Democracy and Technology Europe, said the case should concern “everyone who cares about democracy, fundamental rights, and the rule of law in Europe”.
“The fact that a member of the European Parliament serving on the PEGA Committee, the very committee established to investigate spyware abuse, was reportedly targeted with Pegasus raises serious concerns about the integrity of democratic oversight itself,” Hammoud told Al Jazeera.
She described the cyberattacks as part of a “broader failure to effectively rein in the commercial spyware market”.
German MEP Hannah Neumann, who also served on the PEGA Committee, said the European Parliament should immediately investigate the breaches.
“Spyware doesn’t make democracies safer,” Neumann said in a post on X. “It weakens democratic oversight, parliamentary independence and the rule of law.”
Read the full story at Al Jazeera ↗ · The Guardian ↗
Greek former MEP Stelios Kouloglou's iPhone was infected with Pegasus spyware at least three times in 2022 and 2023 The infections occurred while Kouloglou was serving on the PEGA Committee, which investigates illegal use of surveillance tools in the EU Kouloglou received Apple threat notifications about the breaches, but only months after each incident occurred Citizen Lab did not attribute the hacking to a particular government and found no evidence of Greek state involvement Pegasus allows its operator to remotely access a target's messages, photos, contacts, camera and microphone NSO Group markets Pegasus as a tool for law enforcement and intelligence agencies to target criminal groups The spyware has also been used to spy on journalists, lawyers, dissidents, and government officials The US blacklisted NSO Group in 2021 for acting contrary to US foreign policy and national security interests A US judge barred NSO Group from targeting WhatsApp, arguing the software causes direct harm The infection could have exposed confidential PEGA Committee exchanges and other sensitive parliamentary proceedings The incident highlights a serious threat that mercenary spyware poses to democratic processes The case should concern everyone who cares about democracy, fundamental rights, and the rule of law in Europe The targeting raises serious concerns about the integrity of democratic oversight itself Spyware weakens democratic oversight, parliamentary independence and the rule of law
Read the full story at Al Jazeera ↗ · The Guardian ↗
- Greek former MEP Stelios Kouloglou was infected with Pegasus spyware at least three times in 2022-2023 while serving on the EU's PEGA Committee investigating spyware abuse, Citizen Lab found.
- The infections occurred in Athens and Brussels; Apple threat notifications arrived months after each incident.
- Citizen Lab did not attribute the hacking to a specific government and found no evidence of Greek state involvement; NSO Group's Pegasus allows remote control of target devices.