Citizen Lab Says Former EU Lawmaker on Spyware Inquiry Was Targeted by Pegasus
The Citizen Lab has reported that Stelios Kouloglou, a former member of the European Parliament, was repeatedly targeted with Pegasus spyware while he was serving on a committee examining the misuse o...
The Citizen Lab has reported that Stelios Kouloglou, a former member of the European Parliament, was repeatedly targeted with Pegasus spyware while he was serving on a committee examining the misuse of commercial surveillance tools in the European Union.
According to the Toronto-based research group, forensic work on Kouloglou’s iPhone suggests the device was infected around Oct. 21, 2022, and again on March 6 and 7, 2023. The researchers said the intrusions may have exposed confidential committee material and internal discussions. They have not publicly attributed the campaign to a specific government.
The PEGA Committee, formally known as the Committee of Inquiry to investigate the use of Pegasus and equivalent surveillance spyware, was created in March 2022 to look into alleged abuses of spyware across the bloc. Kouloglou served on the panel from March 2022 until July 2023.
Citizen Lab said the first infection appears to have used a zero-click flaw in Apple’s HomeKit software, an attack path that Apple later fixed in iOS 16.3.1. Both suspected compromises occurred while the phone was still running iOS 15.5. Researchers also noted that Kouloglou received Apple alerts about possible mercenary spyware targeting on three occasions between 2023 and 2024.
The group said one clue links the case to a previous Pegasus operation aimed at Russian- and Belarusian-speaking journalists and activists in Europe. The overlap centers on a specific email address used in the infection infrastructure, which the researchers believe may have been tied to a particular Pegasus operator. They added, however, that the second 2023 incident could involve the same operator or a different one.
Citizen Lab said the case is notable because it is the first publicly identified instance of a PEGA Committee member being targeted while participating in the inquiry. The timing is also significant: one of the intrusions happened during a period of intense committee drafting and hearings, shortly before the panel adopted its first report.
Broader surveillance concerns
- The findings add to concerns about spyware being used against lawmakers, journalists, dissidents, and other critics.
- They also underscore how commercial surveillance tools can be deployed across multiple European countries.
- Citizen Lab has recently reported on other spyware and forensic-tool abuses involving Russian authorities and telecom infrastructure.
The report contributes to a growing body of evidence showing how advanced surveillance capabilities continue to be used in politically sensitive investigations and cross-border targeting campaigns.
