EU Politicians Probe Pegasus Spyware, Only to Find It on One of Their Own Devices

The recent findings from Citizen Lab reveal a troubling instance of Pegasus spyware being deployed against Greek Member of the European Parliament (MEP), Alexis Kouloglou. Although the research did not point to any particular government being responsible for the attack, it explicitly noted a lack of evidence regarding the involvement of the Greek government. The report highlighted notable overlaps between the hacking of Kouloglou’s phone and previous attacks on seven journalists and activists from Russian- and Belarusian-speaking communities between August 2020 and January 2023.

Hannah Neumann, a Green MEP involved in the investigation, commented on the broader implications of such targeted surveillance, stating that the actions go beyond just spying on an individual MEP; they also obstruct the investigation into abuses of spyware technology. This underscores the severity of the situation, as espionage efforts potentially compromise legislative integrity and human rights initiatives.

In response to inquiries about these findings, a spokesperson for the European Parliament did not provide direct comments but mentioned an existing “spyware screening system” available to its members. Recent measures have reportedly been adopted to enhance these protections, aligning with a growing acknowledgment of the spyware threat faced by parliamentarians and their sensitive work.

Kouloglou’s phone was compromised on October 21, 2022, while he was hospitalized for elective surgery. During his recovery, he was visited by Thanasis Koukakis, a journalist known to have been previously targeted with Predator spyware. Shortly after Kouloglou’s phone was infected, the PEGA Committee conducted hearings exploring the adverse effects of spyware and its implications for human rights, further investigating potential abuses in Cyprus and Greece.

A second infection of Kouloglou’s device occurred on March 6 and 7, 2023, during a critical phase wherein the committee was conducting intensive negotiations concerning investigative findings. Neumann remarked on the correlation between the spyware incidents and crucial committee hearings, emphasizing that such surveillance is likely not coincidental but rather a directed effort to undermine the committee’s investigations.

Expressing his frustration, Kouloglou articulated the profound invasion of privacy resulting from the intrusions, describing the unsettling awareness that personal communication, including exchanges with family and colleagues, was being monitored. This raises significant alarm around issues of justice, democracy, and the ongoing battle against corruption in Europe.

The forensic analysis from Citizen Lab indicated that Kouloglou received notifications from Apple regarding potential spyware targeting in March and August of 2023, as well as in April 2024. These alerts, however, are not issued in real-time, meaning Kouloglou was likely unaware of the threats at the time they occurred.

Concerns persist among Kouloglou and fellow MEPs that other members of the committee may also be at risk of similar targeting. The group has made several recommendations for enhanced cybersecurity measures, including the establishment of an EU-based tech lab dedicated to forensic device analysis and the creation of a specialized task force aimed at addressing spyware threats in elections. Despite these recommendations, progress remains slow, reflecting an ongoing challenge in adequately addressing the growing threat landscape posed by spyware in Europe.

Scott-Railton from Citizen Lab emphasized the urgent need for more robust responses to the rampant abuses of spyware, noting that many European institutions have yet to take decisive actions against this pervasive threat. He contrasts this with steps taken by countries such as the United States, which have implemented various deterrents, including sanctions and executive orders, to combat spyware usage effectively.

Neumann reiterated that while awareness of the dangers associated with mercenary spyware exists, substantive action has lagged behind essential recommendations designed to mitigate these threats. As such, the implications of these findings underscore a critical need for a concerted effort to enhance cybersecurity protections for public figures and reinforce the democratic processes that underpin society.

Source