Senior European Union officials have found evidence that their phones were targeted using the Pegasus surveillance spyware developed by Israeli security firm NSO Group, Reuters reported Wednesday.
In a letter addressed to European lawmaker Sophie in ‘t Veld by EU Justice Commissioner Didier Reynders and obtained by Reuters, Reynders said he had been warned last year by tech giant Apple that his iPhone may have been targeted by hackers.
This prompted a broader investigation, reported by Reuters in April, that found evidence of other European officials being targeted by hackers using Israeli surveillance technology.
Reynders’s letter marked the first time the Belgian official was acknowledging that he may have been targeted. While his letter indicated that the ongoing investigation hadn’t found conclusive proof of any officials being hacked, it did find “indicators of compromise,” meaning that there was evidence of a hack.
In ‘t Veld, who shared Reynders’s letter with Reuters, told the news agency that it was crucial to identify the perpetrators who had targeted Reynders and the European Commission, suggesting that it could be an EU member state, which would be especially scandalous and have far-reaching implications for the organization.
NSO Group, which had previously said it was not responsible for the alleged hacking attempts of European officials, told Reuters that t iwould be willing to assist in the investigation.
“Our assistance is even more crucial, as there is no concrete proof so far that a breach occurred,” an NSO spokesperson said. “Any illegal use by a customer targeting activists, journalists, etc., is considered a serious misuse.”
The investigation has recently concluded that 14 EU member states had purchased the Israeli spyware.
According to Reynders’s letter, officials in Spain, Hungary and Poland were being questioned about their use of Pegasus. The letter also said that Israeli authorities were asked by the European Commission to “prevent the misuse of their products in the EU.”
Earlier this month, Amnesty International said former Polish officials were among the victims of attempted phone hackings using NSO Group’s powerful Pegasus software.
The officials were identified as former deputy treasury ministers Pawel Tamborski and Rafal Baniak, as well as some advisers in the previous liberal government. They were linked to the 2014 sale of state chemical giant CIECH to a private investor. The extent of the attempted hacking wasn’t clear.
In April, it was found that the phones of dozens of pro-independence supporters in Spain’s northeastern Catalonia, including the regional chief and other elected officials, were hacked with the Israeli software.
NSO’s Pegasus spyware has been used around the world to break into the phones and computers of human rights activists, journalists, and even Catholic clergy. The firm has been subject to export limits by the US federal government, which has accused NSO of conducting “transnational repression.” NSO has also been brought to court by major technology companies, including Apple and Meta, the owner of WhatsApp.
Pegasus infiltrates phones to vacuum up personal and location data and also surreptitiously controls the smartphone’s microphones and cameras, turning them into real-time surveillance devices. NSO Group’s stealthiest hacking software uses “zero-click” exploits to infect targeted cellphones without any user interaction.
NSO Group claims it only sells Pegasus to government agencies to target criminals and terrorists.
Agencies contributed to this report.