Citizen Lab Finds Pegasus Hit MEP Stelios Kouloglou 3 Times During 2022-23 Spyware Probe
Updated
Updated · The Guardian · Jul 3
Citizen Lab Finds Pegasus Hit MEP Stelios Kouloglou 3 Times During 2022-23 Spyware Probe
3 articles · Updated · The Guardian · Jul 3
Summary
Citizen Lab said Pegasus repeatedly targeted then-MEP Stelios Kouloglou while he served on the European Parliament’s Pega committee, marking the first known spyware case involving a member of that panel.
Three attacks were identified—on Oct. 21, 2022 and on March 6-7, 2023—during intense drafting phases of the committee’s reports on spyware abuses, with one intrusion coinciding with Kouloglou’s hospital stay.
Researchers could not name the government client behind the hacking, but said a unique Apple ID linked Kouloglou’s case to attacks on seven exiled Russian- and Belarusian-speaking journalists and activists in Europe.
Citizen Lab said the operator likely held Pegasus licenses in Greece and Belgium, while Kouloglou tied the case to broader concerns over corruption, justice and democracy.
The findings revive scrutiny of Europe’s spyware response, which researchers say has largely ignored the Pega committee’s recommendations despite scandals such as Greece’s targeting of more than 80 politicians, journalists and officials.
Following the Intellexa chief's admission, will the Greek government face justice for the spyware scandal?
As spyware targets its own lawmakers, can the EU effectively regulate the powerful surveillance industry?
When even spyware investigators are not safe, is anyone's digital privacy truly secure from state surveillance?
Pegasus Spyware Strikes EU Lawmaker Investigating Abuse: How State Surveillance Threatens European Democracy
Overview
The report reveals that Stelios Kouloglou, a Greek journalist and former MEP, was targeted and infected with Pegasus spyware while investigating spyware abuses in the European Parliament. Citizen Lab researchers identified this attack and found that the same government client likely targeted Kouloglou and several other independent journalists and activists across Europe, using a unique Apple ID email. This client probably operated in both Belgium and Greece. The incident shows that perpetrators not only spied on lawmakers but also compromised the investigation itself, highlighting a serious threat to democratic processes and the integrity of parliamentary oversight.