_probably_ is doing the heavy lifting here
>> Kouloglou reports to us that he did not recall receiving the Apple notifications we observed.
Am I understanding this correctly that Apple sent him notifications that he was being monitored and he ignored them?
I wonder what triggered him to suspect he was hacked then. Since presumably something triggered him to have his phone forensically investigated.
Not saying this is likely. Just another possibility.
Then again, you’d think that’s the kinda thing malware developers would spend some time learning to hide from the user.
>A Threat Notification is displayed at the top of the page after the user signs into account.apple.com.
>Apple sends an email and iMessage notification to the email addresses and phone numbers associated with the user’s Apple Account.
You can see what it looks like in https://reddit.com/r/iphone/comments/1c10jai/i_have_received...
I wonder how they detect it, is it for known IOCs that they've already found elsewhere, or do they have heuristic detection that flags things that might need further investigation.
It isn’t hard to accidentally dismiss one then wonder what it was. Why there isn’t there an interface for looking back?
Edit: below it says there are emails and notices on web login.
That or he didn't notice or could have assumed the notice itself was one of many phishing attempts against large orgs.
If I saw a notification that my account was compromised by Pegasus I'd personally assume phishing.
PC viruses used to do that stuff going back so many years ago. Suppressing any notification under Windows, by disabling the AV software, its notifications, windows notifications related to it.
So it will amaze me that this is not done by any modern espionage software. Especially as the notification methods are known. Given that his device is hacked, that means a lot of avenues are under control of the espionage software. Even mails etc ... So impersonating the end user, to confirm they read a warning, is extreme easy.
I find it rather odd that people are so fixated on the idea if Kouloglou read it or not.
Its going to have every trick in the book (and outside it), to stay hidden. And it will have payloads to alter its behavior, updates, etc...
Nobody is going to pay you big fat money envelops for software that anybody can write in a afternoon. You want it to be as capable as ever, and you do not want it found!
It's silly, but it's a show the public never tires of.
They spy on most others though. Germany’s Merkel, successive French presidents etc all had their phones hacked by US there is widely reported news of.
https://en.wikipedia.org/wiki/United_States_espionage_in_Aus...
"In December 2010, leaked US diplomatic cables indicated senior New Zealand Defence Ministry officials had been spying for the United States, secretly briefing the United States embassy on Cabinet discussions about the Iraq War."
https://en.wikipedia.org/wiki/Foreign_espionage_in_New_Zeala...
Doubt.
> unless there was a compelling national security reason
There always is.
Can you substantiate your doubt with even one piece of hard evidence?
Believe such nonsense at your own peril.
https://en.wikipedia.org/wiki/Israeli_espionage_in_the_Unite...
> In 1951, Mossad and the Central Intelligence Agency agreed not to spy on each other and US and Israeli services cooperated closely since then.
> Nevertheless, there were strong indications afterwards of ongoing Israeli espionage against the United States, confirmed by the 1985 arrest of Israeli spy Jonathan Pollard, one of the most damaging security leaks in US history.
> Israeli espionage reached a high-profile peak in the mid-1980s, shattering assumptions that allies "do not spy on each other".
People can state a lot, as long as your not caught.
Nothing prevent you from having the UK spy on the Germans, and feeding that intel back. Or Israel, or ... Hey, the US did not spy on a EU ally. Well, not directly and it neatly bypassed any official statements.
They might have simply gone to one of those secret court hearings and have it bypassed with a gag order in place. Officially its not done, unofficially, its been approved.
The whole "as long as you do not tell me your doing it" approach, and the politicians involve maintain deniability (even if they had the wink).
And you do not need to specific target the head off state. Plenty of side routes to still get information on meetings, that involve those heads of states. Even if your not "directly" spying on them.
So no, its a naïve way of thinking. Maybe in 20 years from now we find out, that they did spy on EU leaders. Maybe directly, maybe indirectly ... even with that directive in place. I will be amazed if they did not. Its the US we are talking about.
It's entirely possible an EU country did this; they're only vaguely guessing Belarus or whoever. In most countries, it's a big deal if the spies are caught spying on the domestic government.
> quite a few private entities do as well.
It's a risky game, doing that. You don't get any of the professional courtesies, and you're not usually eligible for the prisoner exchanges.
Who has "authorization to spy in multiple European countries"?
In this older article [0] about one of the mentioned russian exiles case it is mentioned that estonia and netherlands have used pegasus outside their borders, but there could be also others with such license
> the Netherlands’ General Intelligence and Security Service (AIVD) and an unnamed Estonian government agency, appear to use Pegasus extensively outside their borders, including within multiple European countries
However if the link between the russian exiles cases and kouloglou checks (through use of same mode of attack), a country like estonia sounds more likely. However, it can always be that an agency with access to pegasus uses it collaborating with/on behalf of an agency without.
[0] https://www.accessnow.org/publication/hacking-meduza-pegasus...
Does EU parliment not have a policy of seperating work and personal devices?
The more important you are the more you may think that exceptions can be made for you.
He didn’t have medical information on the phone.
https://notesfrompoland.com/2026/02/26/poland-charges-former...
Everything looks like a nail if you have a hammer.
There is enough money to go around for certain.
The documents identified several technology companies as participants in the PRISM program, including Microsoft in 2007, Yahoo! in 2008, Google in 2009, Facebook in 2009, Paltalk in 2009, YouTube in 2010, AOL in 2011, Skype in 2011 and Apple in 2012 "
It feels like there is a limit on distribution. Just getting people to try a product is incredibly hard. Very hard to reach them and ads feel like they're only served to bots.
You and I, however, are not corporations, so maybe it's in our best interest if they actually aren't allowed to do whatever they want.