Espionage Against the European Parliament
8 hours ago
- #European Parliament
- #cybersecurity
- #spyware
- Former MEP Stelios Kouloglou was repeatedly hacked with NSO Group's Pegasus spyware while serving on the PEGA committee investigating spyware abuses.
- The infections occurred during critical periods of PEGA committee activity, potentially compromising confidential documents, deliberations, and parliamentary privilege.
- Forensic analysis confirmed infections on October 21, 2022, and March 6-7, 2023, with possible exposure of sensitive information including health data and committee communications.
- The attacker used the PWNYOURHOME zero-click exploit, and the same operator may have targeted exiled Russian and Belarusian-speaking journalists and activists in Europe.
- No attribution to a specific government was made, and no evidence points to the Greek government, but the license likely allowed infections across multiple EU jurisdictions.
- This case highlights the threat of mercenary spyware to democratic processes, with several other MEPs also previously targeted.
- Recommendations include immediate forensic screenings for MEPs and staff, enhanced cybersecurity measures, and investigations by EU institutions into the breach.