A new report from the Citizen Lab has revealed that former Member of the European Parliament Stelios Kouloglou had his mobile device repeatedly hacked with the notorious Pegasus spyware while serving on a committee that was tasked with investigating the abuse of such commercial surveillance tools in the bloc.

"Through forensic analysis of his device, we found that the attackers could have had access to confidential documents and committee deliberations," the Citizen Lab researchers John Scott-Railton, Bill Marczak, Bahr Abdul Razzak, Kate Pundyk, Siena Anstis, and Ron Deibert said.

The infections have not been attributed to a particular government at this time, and there is no evidence that the Greek government is behind the activity. However, the Canadian interdisciplinary research laboratory noted that it identified an overlap between the first infection and a previous campaign targeting Russian and Belarusian-speaking exiled journalists and activists in Europe.

This indicates that a Pegasus customer with authorization to spy in multiple European countries is likely responsible for the effort, the Citizen Lab added.

Kouloglou was a member of the European Parliament's "Committee of Inquiry to investigate the use of Pegasus and equivalent surveillance spyware" from March 24, 2022, to July 18, 2023. The PEGA Committee was set up on March 10, 2022, to probe alleged misuses of commercial spyware offerings under E.U. law, specifically focusing on gathering information on the extent to which member states and other countries are using such tools in contravention of the region's rights and freedoms.