A European politician tasked with scrutinizing surveillance became its target. Stelios Kouloglou, serving on a committee investigating Pegasus spyware abuse, found his own iPhone infected with the same software in October 2022.
According to Stacker News Live, Pegasus - developed by Israel's NSO Group - invaded the device through a zero-click exploit. This technique requires no interaction from the victim, granting the attacker complete access to calls, messages, and data. The breach occurred while Kouloglou was actively investigating the NSO Group's activities.
“The hunter became the prey in the European Union.”
- Stacker News Live
This isn't consumer malware. Pegasus is high-end commercial surveillance sold exclusively to governments. The incident proves political stature offers no shield. Even those tasked with oversight are vulnerable to the tools they are trying to control.
Identifying the specific attacker is nearly impossible. Whether the infection came from a rival state, a domestic actor, or another EU member state, the breach reveals a fundamental security gap in high-level political and diplomatic circles. It demonstrates that the very institutions writing surveillance rules are themselves exposed.
The incident highlights the core irony of modern digital oversight: the regulators are not immune. It raises the question of how any meaningful privacy protection can be enforced when the enforcers can be silently watched.
