MEP Investigating Spyware Hacked by Pegasus During Probe
A shocking revelation from **Citizen Lab** confirms that **Stelios Kouloglou**, a Greek politician and former member of the European Parliament's PEGA Committee, had his iPhone compromised by **Pegasus** spyware multiple times in 2022 and 2023. This unprecedented incident targeted an MEP actively investigating the very spyware that infected his device, raising serious concerns about the integrity of parliamentary work and the pervasive nature of state-sponsored surveillance.
In a disturbing turn of events, **Stelios Kouloglou**, a Greek politician who served as a Member of the European Parliament (MEP) from 2015 to 2024, was reportedly hacked by **Pegasus** spyware while investigating its misuse.
**Kouloglou** was a key member of the European Parliamentβs PEGA Committee, established in 2022 to probe the widespread use of **Pegasus** and other intrusive surveillance tools against business leaders, law enforcement officials, and politicians.
"I was not expecting that," **Kouloglou** told WIRED, expressing shock and anger upon discovering the compromise. "Me being a member of the Pegasus Committee investigating Pegasus and at the same time being hacked by Pegasus, it was something really too reckless."
### The Sophistication of Pegasus Spyware
**Pegasus**, developed by Israeli firm **NSO Group**, was first identified by **Citizen Lab** in 2016. The sophisticated malware exploits evolving vulnerabilities in mobile operating systems to infect both iOS and Android devices. Once installed, it can covertly access microphones and cameras, extract messages, contact data, web browsing history, photos, and other sensitive personal information.
### Targeting Amidst the Investigation
**Citizen Lab**'s forensic analysis, published recently, details how **Kouloglou**'s iPhone was targeted not once, but multiple times. This marks the first confirmed instance of a PEGA Committee member being victimized by **Pegasus** while actively engaged in the investigation.
While **Citizen Lab** has not definitively attributed the attacks to a specific government or entity, the perpetrator would have potentially gained access to confidential internal information regarding the committee's activities and findings, a potential breach of EU parliamentary confidentiality and individual privacy.
**John Scott-Railton**, a senior researcher at **Citizen Lab**, highlighted the growing audacity of such targeting. "Itβs open spyware season on Europeβs lawmakers," he stated. "The European Parliament, national parliaments, nobody is prepared."
**NSO Group** did not respond to requests for comment regarding the findings. It's noteworthy that US-based investors acquired a majority stake in **NSO Group** in 2025.
### A Broader Context of Spyware Abuse
The PEGA Committee's formation was largely spurred by the **Pegasus Project** in 2021, a collaborative investigation by numerous media outlets and NGOs. This project unveiled the immense scale of **Pegasus** use globally, with reports indicating at least 180 journalists were among those targeted. **NSO Group** disputed these findings.
Concurrently, Greece was embroiled in its own spyware scandal, dubbed "Greeceβs Watergate," where the **Predator** spyware, developed by **Intellexa**, was used to target journalists and government officials.
These incidents underscored the critical need for public-private collaboration and robust policy measures to combat spyware misuse, as technological protections alone are insufficient.
### Implications for Democracy and Privacy
**Saskia Bricmont**, an MEP and fellow PEGA Committee member, emphasized the gravity of the situation: "The use of spyware not only violates the fundamental rights of the individuals concerned, but in this case also threatens the security and integrity of parliamentary work and of the European Parliament as a whole. It is a direct attack on the rule of law."
**Citizen Lab**'s report found no evidence of Greek government involvement in the attacks on **Kouloglou**. However, it did identify overlaps between the targeting of **Kouloglou**'s phone and the use of **Pegasus** against seven Russian- and Belarusian-speaking journalists and activists between August 2020 and January 2023.
**Hannah Neumann**, another Green MEP on the spyware committee, noted the strategic timing of the attacks. "They did not only target an MEP, they spied on the investigation into spyware abuse itself. That shows the whole absurdity of the situation," she remarked. The infections occurred during critical phases of the committee's work, including key hearings and the finalization of their findings.
**Kouloglou**'s phone was first infected on October 21, 2022, while he was in the hospital. A second infection occurred on March 6 and 7, 2023. He later received three notifications from **Apple** in March and August 2023, and April 2024, alerting him to potential spyware targeting, though he doesn't recall seeing them in real-time.
"I got angry because you realize that your private life, including messages not only with politicians, friends, but your personal life with relatives, kids, wives, et cetera has been monitored by somebody," **Kouloglou** stated. "Itβs not a matter only about privacy, itβs also a matter about justice, democracy and the corruption fight."
MEPs are concerned that other committee members may also have been targeted. They also express disappointment that the committee's recommendations, including the establishment of an EU-based tech lab for forensic device analysis and an election-focused spyware taskforce, have yet to be fully implemented.
**Scott-Railton** concluded, "Europe has a mountain of spyware abuses, and nothing has happenedβitβs an embarrassment for European institutions. It leaves Europeans unprotected even as AI promises to turbocharge the mercenary spyware threat by lowering costs and barriers to entry."
He contrasted Europe's inaction with progress made by countries like the United States, which have employed sanctions, visa bans, and executive orders to combat spyware use.
**Neumann** reiterated, "There is no lack of awareness of the problems that come with mercenary spyware. Thatβs what the Pegasus Committee wrote the whole report about. There is no lack of recommendations on how to address it."