Ethical Hacking News
The European Parliament's former member Stelios Kouloglou had his mobile device repeatedly compromised with the notorious Pegasus spyware while serving on a committee tasked with investigating the abuse of commercial surveillance tools. The incident highlights the pervasive nature of Pegasus attacks and underscores the importance of robust cybersecurity measures for high-profile targets.
Stelios Kouloglou's iPhone was compromised with Pegasus spyware twice: on October 21, 2022, and again in March 2023. The attackers used a zero-click exploit in Apple's smart home software to deliver the spyware. Pegasus spyware attacks have been linked to campaigns targeting Russian and Belarusian-speaking independent journalists and opposition activists in Europe. The incident highlights the vulnerabilities of high-profile targets, particularly those serving on committees tasked with investigating security issues. The use of Pegasus spyware raises concerns about its potential misuse by governments and other actors. Robust cybersecurity measures are essential for individuals serving on high-profile committees.
The world of cybersecurity has witnessed a significant escalation in recent times, as more and more high-profile targets have fallen prey to sophisticated spyware attacks. In the most recent development, it has come to light that Stelios Kouloglou, a former Member of the European Parliament, had his mobile device repeatedly compromised with the notorious Pegasus spyware while serving on a committee tasked with investigating the abuse of such commercial surveillance tools in the bloc.
The incident was uncovered by Citizen Lab, an interdisciplinary research laboratory based in Canada. According to their findings, Kouloglou's iPhone was compromised with Pegasus spyware on or around October 21, 2022, and again in March 2023. The attackers used a zero-click exploit in Apple's smart home software, codenamed PWNYOURHOME, to deliver the spyware. Furthermore, Kouloglou received Apple threat notifications about being targeted with mercenary spyware on three occasions: March 2, 2023, August 29, 2023, and April 10, 2024.
The implications of this incident are multifaceted. Firstly, it highlights the pervasive nature of Pegasus spyware attacks, which have already been linked to campaigns targeting Russian and Belarusian-speaking independent journalists and opposition activists based in Europe. The overlap between Kouloglou's case and a previous campaign suggests that a single customer with authorization to spy in multiple European countries is likely responsible for the effort.
Secondly, the incident underscores the vulnerabilities of high-profile targets, particularly those serving on committees tasked with investigating security issues. The fact that Kouloglou was a member of the European Parliament's "Committee of Inquiry to investigate the use of Pegasus and equivalent surveillance spyware" highlights the importance of robust cybersecurity measures for such individuals.
Lastly, the incident serves as a warning to governments and other organizations that misuse commercial spyware offerings under E.U. law. The development comes days after Citizen Lab revealed that Russian authorities used Cellebrite's UFED forensic tools to break into the iPhone of detained opposition activist Andrey Pivovarov in June 2021.
The use of Pegasus spyware, which has been widely criticized for its potential misuse by governments and other actors, raises fresh concerns about how these powerful surveillance tools are being leveraged. The fact that multiple operators seem to be exploiting the same email address suggests a coordinated effort, highlighting the need for greater cooperation and information-sharing between cybersecurity experts and law enforcement agencies.
Moreover, the incident highlights the importance of robust cybersecurity measures for individuals serving on high-profile committees. The fact that Kouloglou received multiple Apple threat notifications about being targeted with mercenary spyware underscores the need for increased vigilance among such targets.
In conclusion, the compromise of Stelios Kouloglou's mobile device with Pegasus spyware serves as a stark reminder of the pervasive nature of these attacks and the importance of robust cybersecurity measures. As governments and other organizations continue to misuse commercial spyware offerings under E.U. law, it is essential that cybersecurity experts and law enforcement agencies work together to prevent such incidents from occurring in the future.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Espionage-Epidemic-European-Parliament-Members-Mobile-Device-Compromised-by-Pegasus-Spyware-ehn.shtml
https://thehackernews.com/2026/07/european-parliament-member.html
Published: Fri Jul 3 06:31:33 2026 by llama3.2 3B Q4_K_M