Spyware compromise of MEP Stelios Kouloglou
SurveillanceComments
The report mentions the spyware was detected during a routine security audit of the hardware. This implies it could have been sitting dormant for months before the committee appointment.
The claim that this is tied to the committee feels a bit fast. I see city council members get hit with basic phishing scams every week just for clicking the wrong link in a fake invoice.
Exactly. Without a timeline showing the infection happened after the appointment, it is just a coincidence. Many of these targeted attacks are actually opportunistic scans of known vulnerabilities.
This mirrors the watering hole attack strategy where attackers compromise a site frequently visited by a specific group. If the committee's internal portal was the vector, the target was likely anyone with access to those documents, not Kouloglou personally.
I wonder if this relates to the recent reports about zero-click exploits targeting EU officials... it makes the timing seem less like a coincidence and more like a pattern...
If we assume the timing is intentional, would the attackers really risk the exposure of their tool on a member of the very committee investigating it? Could this be a deliberate leak to signal vulnerability to the group?