Post: Politician who investigated spyware abuses had his phone hacked with Pegasus spyware

Politician who investigated spyware abuses had his phone hacked with Pegasus spyware

Security researchers have confirmed that a European politician had his phone hacked with Pegasus spyware while serving on an investigative committee investigating abuses of the notorious surveillance tool. This has reignited controversy over governments misusing spyware to collect information on their critics.

The hacking of Greek journalist and former politician Stelios Kologlou’s phone during 2022 and 2023 is the first time that a member of the European Parliament’s PEGA committee, tasked with investigating phone spyware attacks, has been publicly targeted by European governments, researchers at the University of Toronto’s digital rights unit The Citizen Lab say.

Kologlu told TechCrunch in a phone call that the intentional compromise of his phone was “reckless.” A serving European lawmaker described the hacking of Kologlo’s phone as a “direct attack on the rule of law” and called on the European Commission to take concrete action by imposing stricter restrictions on the use of spyware in the 27-member state bloc.

Although spyware attacks on lawmakers are rare, the committee’s investigator’s time and intense spyware targeting under his investigation suggests a closer look at the committee’s inner workings ahead of a widely anticipated report detailing its findings. The hacks open fresh questions about how governments use spyware that appears to be necessary to detect serious crime, but is then caught snooping on the communications of journalists, lawmakers and critics.

CitizenLab researchers did not attribute the phone hacking to a specific country, but said the government user used the same Pegasus-laden email address used in a previous campaign that hacked the phones of journalists across Europe. The identity of the user is unknown, but the reuse of the same attacker email address suggests that the user had permission from NSO Group to use its Pegasus spyware to spy on phones in several countries in Europe.

A spokesperson for the European Commission did not respond to TechCrunch’s request for comment. The NSO Group also did not respond to a request for comment on the Citizen Lab report prior to publication.

i His report on FridayCitizenLab said Colloglo was hacked in October 2022 and at least twice during March 2023 using an exploit that compromised a security vulnerability in Apple’s iPhone software. The vulnerability was patched but not yet installed on Kouloglou’s phone. The exploit was a “zero-click” bug, meaning the spyware broke into and stole her data without requiring any interaction on her part.

The bug exploited a previously discovered flaw in Apple’s smart home software used in iPhones. This allowed the spyware to retrieve private data from Kologlu’s phone without her knowledge, such as her text messages and other correspondence, location data and photos.

The timing of the October 2022 hack coincides with intense email and text message discussions throughout October and November 2022, prior to the delivery of a first draft detailing spyware abuses that focused on Cyprus, Greece, Hungary, Poland and Spain.

The hack also lines up at the exact time that Kologlu was in the hospital for a pre-scheduled surgery, which allowed the spyware operators to listen to ambient audio of him discussing his health care or other conversations with visitors at the time.

Months later on March 6 and 7, Citizen Lab said that Kologlou’s phone was hacked again by the same Pegasus operator while Kologlou traveled from Athens to Brussels, during committee hearings and several months before the committee finalized and adopted their written draft report.

In a call, Kouloglou told TechCrunch that he didn’t know why he was specifically targeted but believed it was because of his work on a European Parliament committee investigating Pegasus breaches.

He described his anger when he learned that his phone had been hacked.

“You realize that all your personal data [was taken] — not all professional exchanges or messages with ministers — but also very private things, like happy moments and sad moments,” he told TechCrunch.

Kologlo said he plans to sue Israeli-headquartered spyware maker NSO Group. NSO has been largely banned from use in the United States following a Biden-era executive order that outlawed the government’s use of spyware that could violate people’s human rights.

Last year, the spyware maker confirmed that an unnamed US investment group invested tens of millions of dollars in the company, possibly as part of an effort to revive NSO’s troubled brand associated with enabling human rights abuses.

Cologlu said he is bringing his story to the public with “democracy, human rights and the fight against corruption”.

He said that corruption worries everyone.

When you make a purchase through links in our articles, we may earn a small commission. This does not affect our editorial freedom.