Pegasus Spyware Compromises European Parliament Member Investigating Surveillance Abuse
- Javier Conejo del Cerro
- hace 5 dÃas
- 2 min de lectura

Citizen Lab has revealed that former Member of the European Parliament Stelios Kouloglou was repeatedly infected with the Pegasus spyware while serving on the PEGA Committee, the parliamentary body created to investigate the misuse of commercial surveillance technologies across the European Union.
The findings highlight the growing concern that highly sophisticated spyware is being deployed not only against journalists and activists, but also against lawmakers responsible for overseeing and regulating its use.
How the Attack Worked
Forensic analysis showed that Kouloglou’s iPhone was compromised on multiple occasions between October 2022 and March 2023.
The attackers reportedly exploited PWNYOURHOME, a zero-click vulnerability affecting Apple’s HomeKit ecosystem, allowing Pegasus to infect the device without any user interaction. Apple later patched the vulnerability in iOS 16.3.1.
Once deployed, Pegasus could silently access communications, documents, contacts, messages, and other sensitive information stored on the device.
The timing of the compromises coincided with critical moments in the PEGA Committee’s investigation and report drafting process, raising concerns that confidential parliamentary discussions may have been exposed.
Why This Matters
Unlike conventional malware, Pegasus is designed for high-value intelligence collection.
Its capabilities include:
Complete device surveillance.
Access to encrypted communications.
Collection of documents, contacts, calendars, and emails.
Location tracking.
Microphone and camera activation.
Continuous monitoring without user awareness.
Citizen Lab also identified infrastructure overlaps with previous Pegasus campaigns targeting Russian and Belarusian journalists and political activists across Europe, suggesting that the same operator may have been responsible for multiple espionage operations.
Although no government has been officially attributed, the investigation indicates that the operator likely possessed authorization to conduct surveillance across several European jurisdictions.
Broader Implications
The case reinforces longstanding concerns surrounding commercial spyware.
Solutions originally marketed for fighting terrorism and organized crime continue to appear in investigations involving politicians, journalists, opposition figures, and civil society organizations.
The report also follows other recent Citizen Lab investigations into:
Cellebrite forensic tool abuse.
SS7 and Diameter telecom tracking.
Covert location surveillance through mobile network infrastructure.
Together, these findings demonstrate that surveillance increasingly extends beyond malware and now leverages multiple layers of telecommunications and digital ecosystems.
Defense Measures
Organizations and individuals at elevated risk should:
Keep iOS and all mobile devices fully updated.
Enable Apple Lockdown Mode when appropriate.
Monitor and investigate Apple Threat Notifications immediately.
Restrict unnecessary services and attack surfaces.
Perform regular mobile threat hunting and forensic analysis.
Implement Mobile Threat Defense (MTD) solutions.
Train executives and public officials on advanced surveillance threats.
Develop incident response procedures specifically for mobile devices.
Conclusions
The compromise of a European Parliament member investigating spyware abuse illustrates how advanced surveillance capabilities continue to outpace traditional security assumptions.
Pegasus remains one of the most sophisticated commercial espionage platforms ever documented, capable of silently compromising high-profile targets without user interaction. As mobile devices increasingly store the most sensitive personal and professional information, protecting them has become just as critical as securing corporate endpoints and networks.
