Citizen Lab says former European Parliament member Stelios Kouloglou was targeted with Pegasus spyware while serving on a committee investigating surveillance abuses.
A former member of the European Parliament who investigated spyware abuse across the European Union was secretly targeted with Pegasus spyware, according to a new report by Citizen Lab.
The Canada-based cybersecurity research group said the mobile phone of Greek journalist and former EU lawmaker, Stelios Kouloglou, was infected at least three times between October 2022 and March 2023.
Researchers said attackers used Pegasus, the sophisticated surveillance software developed by Israel’s NSO Group, to compromise his device.
The alleged attacks occurred while Kouloglou served on the European Parliament’s PEGA Committee, which was established in 2022 to investigate the misuse of spyware by governments across the European Union.
The committee later concluded that Pegasus and similar surveillance tools had likely been used both lawfully and unlawfully by several member states.
Reacting to the findings, Kouloglou described the revelation as alarming.
“I was not expecting that a PEGA member would be spied on by Pegasus. I was not expecting that they would be as reckless as that,” he stated
Citizen Lab said the attackers likely exploited an unknown vulnerability in Apple’s software to gain access to the device. Apple later notified Kouloglou in 2023 and 2024 that he had been targeted in state-sponsored hacking attempts and confirmed it has since patched the security flaw.
The European Parliament said its cybersecurity teams continue to monitor threats against lawmakers and noted that spyware detection tools have been available to members since 2022. The European Commission did not immediately comment, while NSO Group also did not respond to requests for comment.
NSO Group has consistently maintained that it licenses Pegasus only to government agencies to combat serious crime and protect national security.
However, the company has repeatedly faced allegations that its spyware has been used to monitor journalists, opposition politicians, human rights activists and other members of civil society.
Citizen Lab did not identify who deployed Pegasus against Kouloglou but said the operation shared similarities with previous campaigns targeting Russian- and Belarusian-speaking journalists and activists in exile.
Former EU lawmaker Sophie in ‘t Veld said the incident underscores the growing threat posed by commercial spyware and renewed calls for stronger oversight and accountability.
