- > In May 2026, Kouloglou contacted the Citizen Lab and we conducted a forensic analysis of artifacts from his iPhone. We found with high confidence that his device was successfully infected with Pegasus spyware on or around October 21, 2022, and again on March 6 and 7, 2023.
by freehorse
2 subcomments
- > we note an overlap between the first infection and a previously identified Pegasus campaign targeting Russian and Belarusian-speaking exiled journalists and activists in Europe, suggesting a Pegasus customer with authorization to spy in multiple European countries is responsible.
Who has "authorization to spy in multiple European countries"?
In this older article [0] about one of the mentioned russian exiles case it is mentioned that estonia and netherlands have used pegasus outside their borders, but there could be also others with such license
> the Netherlands’ General Intelligence and Security Service (AIVD) and an unnamed Estonian government agency, appear to use Pegasus extensively outside their borders, including within multiple European countries
However if the link between the russian exiles cases and kouloglou checks (through use of same mode of attack), a country like estonia sounds more likely. However, it can always be that an agency with access to pegasus uses it collaborating with/on behalf of an agency without.
[0] https://www.accessnow.org/publication/hacking-meduza-pegasus...
- Around that time a lot of politicians in Greece had their phones hacked by Pegasus. It's an ongoing scandal in Greece that never got fully resolved, although all evidence indicate that it was an operation orchestrated by the office of the prime minister in coordination with the local intelligence service. So I wouldn't call that an attack against the European parliament.
- > It is important to note that threat notifications from Apple and other companies are not real-time alerts. They are typically sent to users in batches, often months or more after targeting takes place.
Wow, so Apple is able to detect threat, but does not remove or prevent it, and waits silently for months before notifying a user?
If this is not a security theatre I don't know what is.
- One interesting thing here, is they imply that both confidential personal medical information and confidential gov docs might have been compromised via the same phone.
Does EU parliment not have a policy of seperating work and personal devices?
by codedokode
1 subcomments
- Isn't it the problem with software architecture choices like large monolitic kernels, lots of unnecessary telemetry/marketing services, legacy APIs, unsafe languages like C, lack of static analysis, etc?
You should threat a phone as an infected ground and do not keep anything important there.
Some leaders simply do not use smartphones and are protected from electronic spyware.
by juliusceasar
0 subcomment
- This couldn't have happened without the knowlege of Israeli government.
"The sale of Pegasus licenses to foreign governments must be approved by the Israeli Ministry of Defense."
- Euro Parliament/Euro Commission are comically open to espionage. French/Belgian counterintelligence are not allowed to do much, and there is little in terms of EU counterintelligence.
by vivzkestrel
1 subcomments
- - extremely stupid question: can they hack you with pegasus spyware if you use a nokia 1100?
- if yes -> extremely stupid suggestion: why cant people in government positions use a nokia 1100 as work phone and some other phone as a personal phone?
- Just for context, some european contries have been abusing spyware such as Pegasus so much Israeli firms have cut ties with them, one such example below with Italy. Others have pointed out Greece and Poland. It's quite laughable that a member of the EU parliament would be subject to the same kind of spying activities innocent journalists, activists and possibly normal people are, all of that by the member states of the union, directly contributing to the Israeli companies developing and spreading malware.
https://www.bbc.com/news/articles/cvgmzdjw24yo
- The catalan MEPs also were targeted with Pegasus, and I don't remember the details but at that time the only client were nation states, so Spain was the one to hire the service. Nothing happened.
by throw1234567891
0 subcomment
- They’ll quickly make up some law forcing someone to do something, or throw some hefty fine at someone, and it’ll be sorted pronto. Someone’s gotta be held responsible.
by CalRobert
1 subcomments
- Would lockdown mode on iOS stop this?
- There will be no real consequence, as always, just more paperwork, so how to expect that anything will change?
- How is it that any NSO employee is still able to travel outside Israel without getting arrested? Seems like they're involved in criminal conspiracies in like half the countries in the world.
by aussieguy1234
0 subcomment
- Of course, NSO group had nothing to do with it /s
- [flagged]
- [flagged]
- [flagged]
- [flagged]
by shevy-java
2 subcomments
- Not quite surprising. The more important question is: how much are lobbyists paid to sell out data of EU citizens to US corporations here? Will they prevail?
There is enough money to go around for certain.