Post

Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds

Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds

Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds 🚨

A former EU lawmaker was hacked with Pegasus spyware while investigating its use, according to Citizen Lab. The report documents a darkly ironic finding in recent surveillance research: former Member of the European Parliament Stelios Kouloglou was repeatedly infected with NSO Group’s Pegasus spyware while serving on the very committee tasked with investigating Pegasus abuses across the EU. The PEGA Committee ran from March 2022 to July 2023, and Kouloglou was a member throughout.

“We found that former Member of the European Parliament Stelios Kouloglou was hacked with Pegasus spyware while serving on the PEGA committee, which investigated Pegasus and other spyware abuses in Europe,” reads the Citizen Lab report.

The infections occurred on October 21, 2022, and again on March 6 and 7, 2023, during intense PEGA activity. The first infection happened just ten days before a planned committee visit to Greece and Cyprus, while drafts of the first PEGA report were circulating among members. The second infection occurred while the committee was deep in the final drafting process, two months before the report’s adoption in May 2023.

The delivery mechanism for the first infection was PWNYOURHOME, a zero-click exploit targeting Apple’s HomeKit system. On 2022-10-21, there was a lookup for a HomeKit email address rauharepo888 [@]gmail.com. Two minutes later, a Pegasus process used mobile data. The report assesses that the phone was hacked with the PWNYOURHOME zero-click exploit at this point.

Citizen Lab states it is highly confident that former MEP Stelios Kouloglou was infected with Pegasus, but cannot identify the NSO’s customer behind the attack. Researchers found no evidence linking the operation to the Greek government, which has instead been associated with Predator spyware. Technical evidence suggests the same Pegasus operator also targeted Russian and Belarusian journalists and activists in Europe. The infections occurred in both Greece and Belgium, indicating the spyware operator likely held a license allowing surveillance across multiple EU countries.

This is the first confirmed case of a PEGA Committee member being hacked with Pegasus while the committee was in session. Citizen Lab is now calling on the European Parliament to investigate the full scope of spyware targeting during the PEGA proceedings, urging DG ITEC, which already offers optional spyware screening for MEPs, to significantly increase screening rates and publish yearly statistics.

“Whichever entity is responsible for the hacking, the infection could have exposed strictly confidential exchanges among PEGA Committee members and their staff, and other sensitive and confidential parliamentary proceedings, including to parties under investigation by the Committee itself,” concludes the report.

The finding that a PEGA Committee member was targeted with Pegasus spyware during the Committee’s work highlights the serious threat that mercenary spyware poses to the integrity of democratic processes.

Read full article

This post is licensed under CC BY 4.0 by the author.