Senior European Union (EU) officials were targeted with Pegasus spyware last year, according to a report by Reuters.
These include current European Justice Commissioner Didier Reynders and at least four other commission staffers.
The news agency said it was notified of the claims by two EU officials and documentation it had reviewed.
The EU commission apparently became aware that members of its staff were being targeted by Pegasus spyware after being contacted by Apple in mass messages sent by the tech giant iPhone owners in November 2021. This warned recipients that they were “targeted by state-sponsored attackers.”
Following the warning, a senior tech staffer at the commission sent a message to colleagues to provide a background on spyware tools and emphasize the need to look out for additional warnings from Apple. The email, which Reuters reviewed, stated: “Given the nature of your responsibilities, you are a potential target.”
There is currently no information on who targeted Reynders and his colleagues with Pegasus and whether or not the attempts were successful.
NSO Group, the Israeli firm that developed Pegasus, said in a statement that it was not responsible for the hacking attempts described in the report, claiming the alleged targeting “could not have happened with NSO’s tools.” It added that it is in favor of an investigation into the matter.
The report is the latest in a series of damaging claims against NSO Group and Pegasus Spyware. For example, last year, it was reported that nine US State Department officials had their iPhones remotely hacked by Pegasus spyware, while it has been claimed the zero-click malware was used to hack the phone of Amazon boss Jeff Bezos.
As a result of such claims, NSO Group has been added to a US export blacklist and is being sued by Apple and Facebook for alleged targeted attacks on its users.
Commenting on the story, Jake Moore, global cyber security advisor at ESET, said: “Pegasus continues to attack devices and intrude on people’s lives in what seems like an endless game of cat and mouse. This extremely intrusive spyware is phenomenally powerful and can send extremely personal data such as text messages, photos and real-live location back to a remote threat actor. Similar spyware has been historically connected with targeting high profile or government officials who must remain aware of the possibility of being targeted at any time.