> we note an overlap between the first infection and a previously identified Pegasus campaign targeting Russian and Belarusian-speaking exiled journalists and activists in Europe, suggesting a Pegasus customer with authorization to spy in multiple European countries is responsible.
Who has "authorization to spy in multiple European countries"?
In this older article [0] about one of the mentioned russian exiles case it is mentioned that estonia and netherlands have used pegasus outside their borders, but there could be also others with such license
> the Netherlands’ General Intelligence and Security Service (AIVD) and an unnamed Estonian government agency, appear to use Pegasus extensively outside their borders, including within multiple European countries
However if the link between the russian exiles cases and kouloglou checks (through use of same mode of attack), a country like estonia sounds more likely. However, it can always be that an agency with access to pegasus uses it collaborating with/on behalf of an agency without.
[0] https://www.accessnow.org/publication/hacking-meduza-pegasus...
One interesting thing here, is they imply that both confidential personal medical information and confidential gov docs might have been compromised via the same phone.
Does EU parliment not have a policy of seperating work and personal devices?
Around that time a lot of politicians in Greece had their phones hacked by Pegasus. It's an ongoing scandal in Greece that never got fully resolved, although all evidence indicate that it was an operation orchestrated by the office of the prime minister in coordination with the local intelligence service. So I wouldn't call that an attack against the European parliament.
Just for context, some european contries have been abusing spyware such as Pegasus so much Israeli firms have cut ties with them, one such example below with Italy. Others have pointed out Greece and Poland. It's quite laughable that a member of the EU parliament would be subject to the same kind of spying activities innocent journalists, activists and possibly normal people are, all of that by the member states of the union, directly contributing to the Israeli companies developing and spreading malware.
Euro Parliament/Euro Commission are comically open to espionage. French/Belgian counterintelligence are not allowed to do much, and there is little in terms of EU counterintelligence.
How is it that any NSO employee is still able to travel outside Israel without getting arrested? Seems like they're involved in criminal conspiracies in like half the countries in the world.
[flagged]
Not quite surprising. The more important question is: how much are lobbyists paid to sell out data of EU citizens to US corporations here? Will they prevail?
There is enough money to go around for certain.
[flagged]
[flagged]
> In May 2026, Kouloglou contacted the Citizen Lab and we conducted a forensic analysis of artifacts from his iPhone. We found with high confidence that his device was successfully infected with Pegasus spyware on or around October 21, 2022, and again on March 6 and 7, 2023.