A member of the European Parliament, who was investigating the misuse of commercial spyware, had his phone hacked using Pegasus. This spyware is the very tool he was examining, according to recent findings from the digital rights research group Citizen Lab.
What Happened
The target was a sitting MEP on PEGA, a special EU committee set up to investigate the use and misuse of Pegasus and similar spyware across Europe. While the investigation was active, a government client of NSO Group, the Israeli company behind Pegasus, hacked the politician’s phone.
Pegasus is considered a “zero-click” spyware tool. This means it can infect a smartphone without the target ever having to click a link or download anything. Once it’s on the device, it can read messages, turn on the microphone and camera, and gather almost everything stored on the phone. Imagine giving someone a key to your entire digital life without knowing that key ever existed.
Citizen Lab, based at the University of Toronto and known for tracking Pegasus deployments, confirmed the infection after a forensic analysis of the politician’s device.
Why This Matters Beyond One Phone
This story isn’t just about one hacked phone. It focuses on who was targeted and the timing. The PEGA committee was created after reports revealed that EU member states, including Hungary and Greece, had used Pegasus against journalists, lawyers, and political opponents. The committee’s mission was to hold governments accountable for those abuses.
Hacking a member of that committee while their investigation was ongoing is what one MEP quoted by Wired called “a direct attack on the rule of law.”
This incident raises an unsettling question: if those investigating spyware abuse can be targeted, what does that imply about the oversight systems meant to prevent such abuse?
NSO Group’s Track Record
NSO Group insists it sells Pegasus only to vetted government clients for legitimate law enforcement and national security needs. Yet, Citizen Lab and other researchers have documented numerous cases where the tool was used against civil society, including activists, reporters, opposition politicians, and human rights lawyers.
In 2021, the U.S. Commerce Department placed NSO Group on its export blacklist, which prevents American companies from doing business with them. Apple has sued NSO Group, and Meta’s WhatsApp took legal action against the company in 2019 after Pegasus targeted around 1,400 of its users.
This recent case indicates that despite ongoing legal pressure and public scrutiny, the tool continues to be used against the very targets critics warned about.
What This Means for Everyday Users
Most people reading this probably won’t ever be targeted by Pegasus. The spyware is costly, and government clients usually reserve it for high-profile targets. However, this case highlights a broader truth: the phones we carry are surveillance devices by design. Sophisticated actors can turn that surveillance against anyone they view as a threat, including those trying to stop them.
For everyday users, the key takeaway is that keeping your phone’s operating system updated is the best defense against known spyware exploits. Citizen Lab’s findings have consistently helped Apple and Google patch the vulnerabilities Pegasus exploits. If you ignore those software update notifications, you’re leaving potential security gaps open longer than necessary.
Community Reaction
“The people meant to stop this stuff getting hacked by this stuff is the most on-brand 2020s thing I’ve read all week. Absolutely nothing will happen.”
“Every time I see a Pegasus story I think it can’t get more brazen and then it does. Targeting the actual investigators is a whole new level.”
What To Watch
- EU response: The European Parliament is likely to respond formally to Citizen Lab’s findings. Whether that leads to new sanctions or legal actions against the NSO Group client involved remains to be seen.
- NSO Group’s legal battles: The company continues its litigation with Apple and Meta in U.S. courts. Evidence from Citizen Lab’s investigations has previously been used in these cases.
- The identity of the government customer: Citizen Lab hasn’t publicly disclosed which government used Pegasus against the politician. Identifying that client would significantly impact the political fallout.
- Device patch cycles: If Citizen Lab identifies the specific exploit used, expect Apple and Google to issue emergency patches. Look for out-of-cycle security updates on iOS and Android in the coming weeks.
Sources: TechCrunch | Wired
Maya Torres
Maya Torres is the Consumer Tech Editor at Explosion.com with 7 years covering product launches for major technology publications. She has reviewed over 300 devices across smartphones, laptops, wearables, and smart home products. Maya specializes in translating spec sheets into real-world buying advice and attends CES, MWC, and Apple keynotes as press. Her reviews focus on helping readers decide what to buy, not just what specs look good on paper.


