EU Parliament Investigates Hacking of Former Parliamentarian Ahead of Pegasus Inquiry Report

A damning revelation has emerged from the European Parliament’s internal probe into the alleged hacking of former Member of the European Parliament Stelios Kouloglou. The news comes on the heels of an investigation by the PEGA committee, a temporary committee established to look into the misuse of Pegasus spyware, which has been linked to numerous high-profile hacking incidents in Europe and beyond.

According to a recent report by the research group Citizen Lab, Kouloglou’s iPhone was compromised with NSO Group’s highly sophisticated Pegasus spyware in October 2022 and March 2023. The exploitation of his device, which Kouloglou used for work purposes, occurred through a zero-click exploit chain, a particularly concerning technique allowing the attackers to bypass security measures without the need for user interaction.

Citizen Lab conducted a forensic analysis of Kouloglou’s iPhone and found evidence of unauthorized access to confidential committee documents and deliberations during the PEGA committee’s crucial moments of inquiry. The exact extent of the hacking and the identity of those behind the breach remain under investigation.

This incident highlights the vulnerability of European politicians to sophisticated cyber attacks as they delve into sensitive topics like the use of spyware and other surveillance technologies. The findings have sparked a new wave of scrutiny and debate about the measures taken to protect parliamentarians from such threats.

The PEGA committee, established in 2022, has been tasked with investigating the proliferation of Pegasus spyware and other spyware abuse cases across Europe. The latest development has added urgency to the committee’s work, as it grapples with the consequences of these hacking incidents on democratic institutions and the protection of sensitive information.

Reacting to the news, a spokesperson for the European Parliament’s President Roberta Metsola stressed the need for robust security measures to safeguard parliamentarians and the integrity of the legislative process. “The European Parliament takes the security and data protection of its members very seriously,” they said, echoing the institution’s commitment to protecting against espionage and cyber threats.

As the inquiry into the hacking of Stelios Kouloglou continues, questions are being raised about the responsibility of NSO Group, the Israeli-based company behind Pegasus, in protecting against such abuses. The company has maintained that its software is used by governments and law enforcement agencies to target serious crimes, but many have criticized its lack of oversight and accountability.

The incident comes at a sensitive moment for the European Parliament as it prepares to release its report on Pegasus spyware and other spyware abuses across Europe.