Security researchers have confirmed that a European politician’s phone was compromised with Pegasus spyware while he served on a committee investigating abuses of the surveillance tool, reigniting controversy over governmental use of spyware against critics.
The Citizen Lab at the University of Toronto reported that Greek journalist and former politician Stelios Kouloglou’s phone was hacked in 2022 and again in 2023, marking the first publicly identified instance of a European Parliament member on the PEGA committee being targeted by spyware.
Kouloglou told TechCrunch that the deliberate compromise of his phone was “reckless,” and another European lawmaker described the incident as a “direct attack on the rule of law,” urging the European Commission to impose strict limits on spyware use across the EU’s 27 member states.
Although attacks on lawmakers are uncommon, the timing and targeting of this investigator—using the very spyware he was examining—suggest a focused effort to probe the committee’s operations ahead of a forthcoming report, raising fresh concerns about governmental misuse of spyware intended for serious crime detection.
The Citizen Lab said it could not pinpoint a specific nation, but noted that the same Pegasus‑laden email address used in earlier journalist hacks indicated a government customer with NSO Group authorization to employ Pegasus across multiple European countries.
A European Commission spokesperson declined to comment, and NSO Group did not respond to a request for comment before the report’s release.
According to the Citizen Lab’s Friday report, Kouloglou was first compromised in October 2022 and again in March 2023 via a zero‑click exploit targeting an unpatched iPhone vulnerability, allowing spyware to infiltrate his device without any user interaction.
The exploit leveraged a previously identified flaw in Apple’s smart‑home software, enabling the spyware to exfiltrate private data—including messages, correspondence, location information, and photos—without the user’s awareness.
The October 2022 intrusion coincided with heightened email and messaging activity in the weeks leading up to the release of an initial draft report that examined spyware abuses in Cyprus, Greece, Hungary, Poland, and Spain.
The timing also aligns with Kouloglou’s hospitalization for scheduled surgery, during which the attackers may have intercepted ambient audio from his conversations with visitors.
In early March 2023, Kouloglou’s phone was hacked again on March 6‑7 while traveling from Athens to Brussels amid committee hearings, months before the committee finalized its report.
Kouloglou told TechCrunch that he does not know why he was targeted, but believes it stemmed from his involvement with the European Parliament’s committee probing Pegasus abuses.
He expressed anger upon learning his phone had been compromised.
“It’s clear that my personal data—far beyond professional exchanges with ministers—has been accessed, including the happiest and saddest moments,” he told TechCrunch.
Kouloglou announced his intention to sue NSO Group, the Israeli‑based spyware firm, which has been largely barred from U.S. government use after a Biden‑era executive order prohibited the deployment of spyware that could violate human rights.
Last year, NSO confirmed that an undisclosed American investment group injected tens of millions of dollars into the company, presumably to rehabilitate its brand tarnished by human‑rights violations.
He said he went public with his story to advance democracy, protect human rights, and combat corruption.
“Corruption concerns everyone,” he added.


