The research stops short of naming any government that may have used Pegasus against Kouloglou, noting in particular that it found no indication of Greek government involvement. But Citizen Lab does say it found overlaps between the attacks on Kouloglou’s phone and the use of Pegasus against seven Russian- and Belarusian-speaking journalists and activists between August 2020 and January 2023.
“They did not only target an MEP, they spied on the investigation into spyware abuse itself. That shows the whole absurdity of the situation,” Hannah Neumann, a Green MEP who served on the spyware committee, tells WIRED.
A spokesperson for the European Parliament did not directly comment on the findings when asked about them by WIRED, but says it has a “spyware screening system” that is available to all MEPs and has recently adopted measures to expand its protections.
Kouloglou’s phone was first infected while he happened to be in the hospital on October 21, 2022, according to the findings from Citizen Lab. While recovering from elective surgery, he was visited by Greek investigative journalist Thanasis Koukakis, who had previously been hacked with Predator spyware. The following week, the PEGA Committee held several hearings on the impact of spyware and how it could interfere with human rights. Members of the committee, including Kouloglou, then visited Cyprus and Greece as part of its investigations.
On March 6 and 7, 2023, according to the findings, Kouloglou’s phone was infected with Pegasus spyware again. Neumann, who was also part of the investigation, says that around the time of the first compromise of Kouloglou’s phone, the committee was heading into “key hearings,” including questioning companies operating within the spyware industry.
At the time of the 2023 incident, Neumann says, the group was finalizing and conducting negotiations on its findings. “Looking at the dates, it’s pretty obvious that somebody was not just randomly spying on him, but really targeted the committee’s work,” Neumann says.
“I got angry because you realize that your private life, including messages not only with politicians, friends, but your personal life with relatives, kids, wives, et cetera has been monitored by somebody,” Kouloglou says. “It’s not a matter only about privacy, it’s also a matter about justice, democracy and the corruption fight.”
Citizen Lab found, as part of its forensic analysis, that Kouloglou’s phone received three notifications from Apple, in March and August 2023 and April 2024, alerting him that he was likely being targeted with spyware. These notifications are not issued in real time and Kouloglou says he does not have a recollection of seeing them.
Kouloglou and other MEPs tell WIRED they are concerned that other members of the committee could also have been targeted and that the group’s recommendations—including creation of an EU-based tech lab focused on forensic device analysis and a spyware taskforce for elections—have not been adopted years after the committee completed its report.
“Europe has a mountain of spyware abuses, and nothing has happened—it’s an embarrassment for European institutions,” says Citizen Lab’s Scott-Railton. “It leaves Europeans unprotected even as AI promises to turbocharge the mercenary spyware threat by lowering costs and barriers to entry.”
He notes, too, that some countries, including the United States, have made progress combating spyware use through sanctions, visa bans, executive orders, and other deterrents.
“There is no lack of awareness of the problems that come with mercenary spyware,” says Neumann. “That’s what the Pegasus Committee wrote the whole report about. There is no lack of recommendations on how to fix it. It’s just a matter of, can you please now do it?”

Leave a Reply Cancel reply
You must be logged in to post a comment.