The findings mark the first publicly documented case of an active member of the committee being targeted with Pegasus, the notorious spyware operated by Israeli cyber-intelligence leader NSO Group that has been used to target political figures worldwide, including the EU’s top leaders.

Kouloglou told POLITICO that both hacks occurred during periods of “enormous preparation” for committee activities. During the October 2022 incident cited by Citizen Lab, lawmakers were preparing research missions to Greece, Cyprus and Spain as part of investigations into government use there.

According to the report, the spyware would likely have given the attacker access to Kouloglou’s private emails, text messages and other communications relating to the committee’s deliberations, potentially exposing confidential parliamentary work.

The second infection in March 2023 occurred as lawmakers finalized the committee’s report. Kouloglou, an investigative journalist turned MEP, had traveled to Brussels for discussions on the final text.

“Without a doubt the hacking had to do absolutely with my status as member of the PEGA Committee,” said Kouloglou.

The researchers are not attributing the hacking to any specific government. Instead, the report identifies overlaps with a previously documented Pegasus campaign targeting exiled Russian- and Belarusian-speaking journalists and activists in Europe. This suggests the operation was likely carried out by an NSO Group customer authorized to deploy Pegasus across multiple European countries, according to the report.

Share.
Exit mobile version