Espionage Against the European Parliament(citizenlab.ca)
396 points by ledoge 17 hours ago | 101 comments
tl;dr: Citizen Lab found that former MEP Stelios Kouloglou was infected with NSO Group's Pegasus spyware at least twice (October 2022 and March 2023) while serving on the European Parliament's PEGA Committee investigating spyware abuses, likely exposing confidential committee deliberations. Researchers did not attribute the attack to a specific government but noted infrastructure overlap with a prior Pegasus campaign targeting Russian and Belarusian exiled journalists in Europe, suggesting an operator licensed across multiple EU jurisdictions. This marks the first known case of a sitting PEGA Committee member being hacked during the committee's work.
HN Discussion:
  • Apple's delayed threat notifications amount to security theatre rather than real protection
  • ~The attack likely came from an EU member state (Greece) rather than being an attack on the EU parliament itself
  • Smartphone architecture is fundamentally insecure and shouldn't be trusted for sensitive work
  • EU parliament should have policy separating work and personal devices
  • EU member states have a pattern of abusing Pegasus with no consequences, making this unsurprising