Espionage Against the European Parliament

399 points · 105 comments on HN · read original →

Points and comments are a snapshot, not live.

MEP Stelios Kouloglou was hacked with Pegasus spyware while investigating spyware abuses.

Citizen Lab found former MEP Stelios Kouloglou's iPhone was infected with NSO Group's Pegasus spyware on Oct 21, 2022, and March 6-7, 2023, while he served on the European Parliament's PEGA Committee investigating spyware. The first infection came during intense committee activity, including preparations for hearings and a draft report on spyware abuses in Poland, Hungary, Greece, Cyprus, and Spain. The second infection occurred during final drafting. The same HomeKit email used in the 2022 attack matched a previously identified Pegasus campaign targeting Russian and Belarusian-speaking journalists in Europe. Citizen Lab does not attribute the attacks to a specific government.

What commenters are saying

Commenters found the hacking unsurprising given widespread state use of spyware, but noted irony that a committee investigator was targeted. Some questioned why Kouloglou didn't notice Apple's threat notifications; others suggested malware could suppress them or that he mistakenly dismissed them as phishing. Several commenters distinguished between NSO's Pegasus and Intellexa's Predator spyware, noting Greece's scandal involved Predator. A pro-tip pointed to the MVT open-source tool for forensic analysis of phones. A minority split argued this reflects broader European surveillance issues, not just an attack on parliament.