Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124

The research stopped short of naming any government that may have used Pegasus against Kologlou, noting in particular that it found no indication of Greek government involvement. But Citizen Lab says it has found overlap between the attacks on Kologlu’s phone and the use of Pegasus against… Seven Russian and Belarusian-speaking journalists and activists Between August 2020 and January 2023.
“Not only did they target an MEP, they spied on the spyware abuse investigation itself. This shows the absurdity of the whole situation,” Hannah Newman, an MEP who served on the spyware committee, told WIRED.
A spokesperson for the European Parliament did not comment directly on the findings when asked by WIRED, but said it has a “spyware screening system” available to all MEPs that has been used recently. Measures adopted To expand its protection.
Kologlu’s phone was first hacked while he was in the hospital on October 21, 2022, according to Citizen Lab’s findings. While recovering from elective surgery, he was visited by Greek investigative journalist Thanasis Kukakis, who operated on him It was previously hacked using Predator spyware. The following week, the PEGA committee held several hearings on the impact of spyware and how it could interfere with human rights. Committee members, including Kologlou, then visited Cyprus and Greece as part of their investigations.
On March 6 and 7, 2023, according to the results, Kuloglu’s phone was infected with Pegasus spyware again. At the time of the first hacking of Kologlu’s phone, the committee was heading into “key hearings,” including questioning companies involved in the spyware industry, says Newman, who was also part of the investigation.
At the time of the 2023 incident, the group was finalizing and negotiating its findings, Newman says. “Looking at the dates, it’s pretty clear that someone was not just randomly spying on him, but actually targeting the committee’s work,” Newman says.
“You felt angry because you realized that your private life, including messages not only with politicians and friends, but also your personal life with relatives, children, wives, etc., had been monitored by someone,” Kuloglu says. “It’s not just about privacy, it’s also about justice, democracy and anti-corruption.”
As part of its forensic analysis, Citizen Lab found that Kologlu’s phone received three notifications from Apple, in March, August 2023 and April 2024, alerting him that it was likely to be the case. Targeting it with spyware. These notifications are not issued in real time, and Kologlu says he doesn’t remember seeing them.
Kuloglu and other members of the European Parliament told WIRED that they were concerned that other members of the committee might also be targeted and that the group Recommendations— including the creation of an EU technical laboratory focused on forensic device analysis and an election spyware task force — were not approved years after the commission finished its report.
“Europe has a mountain of spyware breaches, and nothing has happened, which is embarrassing for European institutions,” says Scott Railton of Citizen Lab. “It leaves Europeans unprotected even as AI promises to enhance the threat of mercenary spyware by lowering costs and barriers to entry.”
It also notes that some countries, including the United States, have made progress in combating the use of spyware through sanctions, visa bans, executive orders, and other means of deterrence.
“There is a lack of awareness of the problems that come with mercenary spyware,” Newman says. “This is what the Pegasus Commission wrote the entire report about. There is no shortage of recommendations on how to fix it. It’s just a question of, can you please do it now?”