EU Lawmaker Investigating Pegasus Targeted by Spyware

Unverified claim of Pegasus targeting EU lawmaker under scrutiny

The Pegasus spyware is back in global headlines, with reports that an EU lawmaker investigating the tool may have become its latest target. This development, if confirmed, illustrates the persistent threat posed by advanced spyware to public figures and those scrutinising surveillance technology. In this article, we break down the details of the alleged incident, the mechanics of Pegasus, and what it means for organisations and lawmakers at risk of similar attacks.

Alleged Pegasus Attack on EU Lawmaker: What Happened?

Recent reports suggest that a member of the European Parliament, actively involved in probing the use of Pegasus spyware, may have been targeted by the very surveillance tool they were investigating. The story emerged in June 2024, raising concerns about the reach and audacity of threat actors wielding state-grade spyware.

The lawmaker, whose identity has not been officially disclosed, was reportedly notified of suspicious activity on their mobile device. While formal confirmation is pending, cybersecurity experts and European officials are treating the incident as a credible example of Pegasus deployment against high-profile political targets. The incident underscores the ongoing risks faced by individuals scrutinising sensitive surveillance operations, especially within the European Union, where digital rights have become an increasing concern in recent years.

The alleged compromise, first reported by Macau Business, comes at a time when European institutions are actively investigating the use of Pegasus and similar tools across the continent. These investigations have already uncovered multiple cases where journalists, activists, and politicians were surveilled using advanced spyware.

Understanding Pegasus Spyware and Its Impact

Pegasus, developed by Israeli firm NSO Group, is a highly sophisticated surveillance tool sold exclusively to government agencies. It is capable of infecting both iOS and Android devices using zero-click exploits, meaning targets can be compromised without any user interaction. Once installed, Pegasus grants attackers extensive access to device data, communications, location, and even microphones and cameras.

The spyware is typically delivered through vulnerabilities in messaging apps or operating systems. In many historical attacks, Pegasus was deployed via:

  • Zero-click exploits in Apple iMessage or WhatsApp
  • Malicious links sent by SMS or email (now less common)
  • Exploitation of unpatched device vulnerabilities

Victims often remain unaware of the infection, as Pegasus is designed to avoid detection and erase traces of its presence. The tool’s use has been documented in dozens of countries, with targets including journalists, activists, lawyers, and government officials.

Timeline and Current Exploitation Status

The possible attack on the EU lawmaker reportedly took place in the first half of 2024, although the precise timeline is not public. The lawmaker had been engaged in parliamentary inquiries into the misuse of spyware, including Pegasus, in Europe. Upon noticing suspicious device behaviour, the individual sought technical analysis from security experts, who flagged indicators consistent with Pegasus activity.

As of June 2024, the investigation into this incident remains ongoing. European security agencies and third-party cybersecurity firms are involved in forensic analysis. If Pegasus is confirmed, it would represent a bold escalation in the targeting of EU officials. The incident follows a string of similar cases where parliamentarians and investigative journalists were targeted across Hungary, Poland, Spain, and Greece since 2021.

The case has not yet prompted any official attribution to a state actor or government agency. However, the NSO Group maintains that it sells Pegasus only to licensed government clients, and only for use in counter-terrorism and serious crime investigations. Critics argue that these controls have repeatedly failed to prevent misuse for political surveillance.

Cybersecurity researchers remain concerned about the continued exploitation of unpatched mobile device vulnerabilities. While Apple and Google regularly issue security updates, the rapid evolution of zero-day exploits means that high-profile individuals remain at risk, even when running the latest operating system versions.

Why This Matters: Implications for Lawmakers and Organisations

This incident, if confirmed, highlights the unique risks faced by lawmakers and investigators scrutinising surveillance technology. It demonstrates that the presence of high-grade spyware like Pegasus is not limited to authoritarian states or regions with weak legal protections. European officials and institutions are now clearly in the crosshairs of sophisticated surveillance campaigns.

For organisations and high-risk individuals, the event is a reminder of the importance of robust mobile security practices. Even the most up-to-date devices can be vulnerable to advanced threats. Regular device monitoring, prompt application of security updates, and consultation with cyber experts are essential for those handling sensitive information or challenging powerful interests.

  • Monitor for unusual device behaviour and seek expert analysis if suspected
  • Stay informed about emerging threats targeting mobile platforms
  • Engage with trusted cybersecurity partners for incident response planning

Conclusion

The reported targeting of an EU lawmaker investigating Pegasus spyware is a stark reminder of the persistent risks posed by state-grade surveillance tools. While the full details are still emerging, this episode underlines the necessity for vigilance and proactive security measures among those at the front lines of digital rights and policy oversight.

As investigations continue, the broader conversation around surveillance, accountability, and the protection of democratic institutions will remain central to the European cyber agenda.

Originally reported by Unknown.

Share this bulletin

About the Author

Headshot of Jonny Pelter, leading cyber security expert in the UK and CISO

Jonny Pelter

Partner

  • CIPM
  • CIPP/E
  • CISSP
  • CISM
  • CRISC
  • ISO27001
  • Prince2
  • MSc
  • BSc

Jonny Pelter

Jonny is a Founding Partner at CyPro and executive group level CISO who has worked closely with the British intelligence agencies NCSC and GCHQ.

An ex-professional rugby player and originating from KPMG and Deloitte, Jonny has a wealth of experience across numerous sectors including technology, critical national infrastructure, financial services, oil & gas, insurance, betting, pharmaceuticals and utilities.

Jonny is a leading cyber security expert in the UK, having featured on national media for his professional commentary such as BBC News, iPlayer, Telegraph and Times Radio.

View Profile
Back to Bulletins
Category
Malware
Published
Jul 3 - 2026
Post Tags
Cypro firewall showing robust network security
Secure your business.
Elevate your security, accelerate your growth. We take care of cyber security for high-growth companies, at every stage of their journey.
Get in touch
CyPro Cookie Consent

Hmmm cookies...

Our delicious cookies make your experience smooth and secure.

Privacy PolicyOkay, got it!

We use cookies to enhance your experience, analyse site traffic, and for marketing purposes. For more information on how we handle your personal data, please see our Privacy Policy.

Schedule a Call