Price:

POLITICS

Pegasus spyware targets the EU investigator hunting it

Thursday, July 16, 2026 · from 1 podcast
  • A top EU politician investigating Pegasus spyware was infected by it.
  • The tool provides full phone access without a user click.
  • mThe breach shows oversight committees are not safe from the tech they regulate.

A European politician tasked with scrutinizing surveillance became its target. Stelios Kouloglou, serving on a committee investigating Pegasus spyware abuse, found his own iPhone infected with the same software in October 2022.

According to Stacker News Live, Pegasus - developed by Israel's NSO Group - invaded the device through a zero-click exploit. This technique requires no interaction from the victim, granting the attacker complete access to calls, messages, and data. The breach occurred while Kouloglou was actively investigating the NSO Group's activities.

“The hunter became the prey in the European Union.”

- Stacker News Live

This isn't consumer malware. Pegasus is high-end commercial surveillance sold exclusively to governments. The incident proves political stature offers no shield. Even those tasked with oversight are vulnerable to the tools they are trying to control.

Identifying the specific attacker is nearly impossible. Whether the infection came from a rival state, a domestic actor, or another EU member state, the breach reveals a fundamental security gap in high-level political and diplomatic circles. It demonstrates that the very institutions writing surveillance rules are themselves exposed.

The incident highlights the core irony of modern digital oversight: the regulators are not immune. It raises the question of how any meaningful privacy protection can be enforced when the enforcers can be silently watched.

Source Intelligence

- Deep dive into what was said in the episodes

SNL #232: Pegasus used against EU Pegasus investigatorJul 13

  • Keon explains that Pegasus spyware, developed by Israel's NSO Group, infected EU investigator Stelios Kouloglou's iPhone via a zero-click exploit in October 2022.
Also from this episode: (11)

Protocol (7)

  • Gregory Maxwell demonstrated a block explorer vulnerability by submitting a raw transaction showing him spending 21 million BTC, which was invalid but displayed due to the explorer's poor validation.
  • Carl mentions early Bitcoin source code analysis suggests the original coin limit was 1.99 billion, changed to 21 million before the January 2009 launch.
  • Carl cites NeedCreation saying Bitcoin Quest crossed 600 registered users from over 30 countries.
  • Researchers at TU Delft built Tribler, a decentralized BitTorrent client designed to be unstoppable, with funding secured until 2032. The project experiments with autonomous servers funded by Bitcoin.
  • Keon says Spark's unilateral exit guarantee is impractical for mobile wallets, requiring external data from Spark operators, unlike Phoenix which offers a user-friendly mobile exit.
  • Merch wrote about replay protection concerns for BIP110, suggesting users can split coins by spending on the main chain at low fees due to the fork's high difficulty.
  • Carl cites Predex data showing over 2 Bitcoin in combined trading volume on their BIP110 activation prediction market.

BTC Markets (1)

  • Bull Bitcoin is petitioning against DAC8, a European Union law requiring exchanges to share customer data across member states, citing risks of data leaks and physical attacks.

Regulation (1)

  • Carl cites Peter Todd's claim that France's tax authority leaked Bitcoin ownership data, leading to home invasions, assaults, and torture.

Privacy (1)

  • Crew analyzed Bitcoin privacy epochs and showcased Wasabi Wallet's Wabi-Sabi coinjoin protocol, which allows variable input sizes and has recent privacy mitigations.

Open Source (1)

  • Flipper Zero announced it will shift to community-driven development via GitHub, limiting team resources and requiring feature requests through GitHub discussions.