Introduction
In a stunning revelation that underscores the pervasive threat of commercial spyware, a European Parliament member who served on a committee investigating the Pegasus spyware was himself infected with the same malware. The discovery, made by the University of Toronto's Citizen Lab, has sent shockwaves through political circles in Europe and raised serious questions about the security of parliamentary investigations.
The PEGA Committee Investigation
In the summer of 2022, Greek politician Stelios Kouloglou was part of the European Parliament's PEGA Committee, established to investigate the use of the notorious Pegasus spyware and other variants. The committee traveled to interview victims and probe high-profile cases of spyware abuse. Kouloglou, a longtime investigative journalist who served as a Member of the European Parliament (MEP) from 2015 to 2024, was deeply involved in these efforts.
The Citizen Lab Findings
According to a new forensic analysis published by Citizen Lab, Kouloglou's iPhone was hacked with Pegasus spyware in the fall of 2022—while he was actively investigating the very same malware. The report marks the first time a member of the PEGA Committee has been identified as a victim of Pegasus while working within the group. The researchers note that they do not have conclusive evidence of the government or entity behind the attacks, but they emphasize that the perpetrators would have potentially gained access to internal committee information, violating EU parliamentary confidentiality requirements.
Kouloglou's Reaction
"I was not expecting that," Kouloglou told WIRED. He described feeling shocked and then angry upon learning his device had been compromised. "Me being a member of the Pegasus Committee investigating Pegasus and at the same time being hacked by Pegasus—it was something really too reckless." He called the targeting "a direct attack on the rule of law."
Technical Details of Pegasus
First discovered by Citizen Lab in 2016, Pegasus exploits mobile operating system vulnerabilities to infect iOS and Android devices. Once installed, the malware can tap microphones and cameras, grab messages, contact data, web browsing details, photos, and other personal information. The spyware is created by Israeli firm NSO Group and has been linked to numerous human rights abuses worldwide.
Broader Implications
John Scott-Railton, a senior researcher at Citizen Lab, emphasized that the targeting of Kouloglou highlights how endemic and brazen spyware targeting has become in the EU and beyond. "It's open spyware season on Europe's lawmakers," he said. The incident raises urgent questions about the security of parliamentary investigations and the need for stronger protections against state-sponsored surveillance.
Conclusion
The revelation that a lawmaker investigating Pegasus was himself hacked by the same spyware is a stark reminder of the challenges facing democracies in the digital age. As the EU continues to grapple with the implications of commercial spyware, this case underscores the need for robust cybersecurity measures and accountability for those who deploy such tools.
This article is based on reporting by Wired. Read the original article.
Originally published on wired.com








