Spy Software Used Against European Politician

A2

Spy Software Used Against European Politician

歐洲政治人物遭間諜軟體攻擊


Introduction

Experts from a university found a secret program on the phone of Stelios Kouloglou. He worked for the European Parliament.

大學專家在歐洲議會成員 Stelios Kouloglou 的手機中發現了一個秘密程式。

Main Body

The program is called Pegasus. It entered his phone in October 2022 and March 2023. The software used a mistake in Apple's home system to get inside. It stole his private messages and his location.

該程式被稱為 Pegasus。它於 2022 年 10 月和 2023 年 3 月進入了他的手機。該軟體利用 Apple 系統中的一個漏洞潛入,並竊取了他的私人訊息與定位資訊。

This happened when Mr. Kouloglou wrote a report about spy software in Europe. The attackers wanted to see his secret papers and notes.

這發生在 Kouloglou 先生撰寫一份關於歐洲間諜軟體報告期間。攻擊者希望查看他的機密文件與筆記。

Experts do not know which country did this. But they saw an email address from a past attack on journalists. The company NSO Group sells this software, but the US government has rules against it.

專家目前尚不清楚是哪個國家所為。但他們發現了一個在先前攻擊記者時出現過的電子郵件地址。NSO Group 公司負責銷售此軟體,但美國政府已出台相關禁令。

Conclusion

Mr. Kouloglou wants to take the NSO Group to court. Now, people want the European Commission to make strict laws against spy software.

Kouloglou 先生打算起訴 NSO Group。目前人們希望歐盟委員會能針對間諜軟體制定嚴格法律。

Vocabulary Learning

🕒 Talking about the Past

In this story, we see words that tell us things happened before now. To reach A2, you need to recognize these simple 'past' markers.

The Pattern: Action Words with -ed When we talk about completed actions, we often add -ed to the end of the word.

  • Work \rightarrow Worked
  • Enter \rightarrow Entered
  • Use \rightarrow Used

The Pattern: Special Changes Some words are 'rebels' and change their whole shape instead of adding -ed.

  • Find \rightarrow Found
  • Steal \rightarrow Stole
  • Write \rightarrow Wrote

Quick Summary for Your Notebook: Regular \rightarrow add -ed Irregular \rightarrow word changes completely

Vocabulary Learning

expert (n.)
A person who knows a lot about a specific subject
Example:The computer expert fixed my laptop quickly.
secret (adj.)
Something that is hidden from other people
Example:She kept her birthday party a secret.
software (n.)
Programs and operating information used by a computer
Example:I need to install new software on my phone.
private (adj.)
Only for one person or a small group; not public
Example:Please do not read my private letters.
attacker (n.)
A person who tries to hurt or break into something
Example:The attacker tried to steal information from the website.
journalist (n.)
A person who writes news stories for newspapers or TV
Example:The journalist asked the politician many questions.
court (n.)
A place where legal problems are decided by a judge
Example:The man had to go to court for his crime.
strict (adj.)
Following rules exactly and expecting others to do the same
Example:My teacher is very strict about homework.
B2

Evidence Confirms Pegasus Spyware Used Against European Parliament Member

證據證實 Pegasus 監視軟體被用於針對歐洲議會議員


Introduction

Researchers from the University of Toronto have confirmed that Stelios Kouloglou, a former member of the European Parliament, was targeted by Pegasus surveillance software while serving on an investigation committee.

多倫多大學的研究人員證實,前歐洲議會議員 Stelios Kouloglou 在調查委員會任職期間,被 Pegasus 監視軟體針對。

Main Body

The technical analysis by Citizen Lab shows that Mr. Kouloglou's device was hacked on two separate occasions: October 2022 and March 2023. The attackers used a 'zero-click' method, which means they exploited a weakness in Apple's smart home software without the user needing to click any link. Because the device had not been updated with the latest security patch, the software was able to steal private messages, location data, and record audio from the surroundings.

Citizen Lab 的技術分析顯示,Kouloglou 先生的裝置在 2022 年 10 月和 2023 年 3 月兩次被入侵。攻擊者使用了「零擊」方法,也就是利用 Apple 智慧家庭軟體的漏洞,使用者無需點擊任何連結即可被入侵。由於裝置未更新最新的安全補丁,該軟體能夠竊取私人訊息、位置數據並錄製周圍的音訊。

These attacks happened at critical times for the PEGA committee. The first hack occurred while the committee was drafting a report on spyware use in countries like Greece and Poland. The second attack in March 2023 happened just as the committee was finishing its final report and holding hearings in Brussels. Consequently, it appears the attackers wanted to steal secret discussions and confidential parliamentary documents.

這些攻擊發生在 PEGA 委員會的關鍵時刻。第一次入侵發生在委員會起草一份關於希臘和波蘭等國家使用監視軟體報告期間。第二次攻擊於 2023 年 3 月發生,當時委員會正準備完成最終報告並在布魯塞爾舉行聽證會。因此,看來攻擊者想要竊取秘密討論內容和機密的議會文件。

Although Citizen Lab did not name a specific government as the attacker, they found that the email address used in the attack was also used to target Russian and Belarusian journalists. This suggests that a customer of the NSO Group, the company that makes Pegasus, was responsible. While the NSO Group has not officially responded, the company is currently restricted by a US executive order due to human rights concerns.

雖然 Citizen Lab 未指名特定政府為攻擊者,但他們發現攻擊中使用的電子郵件地址也曾被用於針對俄羅斯和白俄羅斯記者。這顯示 NSO Group(製作 Pegasus 的公司)的一名客戶應為責任方。雖然 NSO Group 尚未正式回應,但該公司目前因人權疑慮而受到美國行政命令的限制。

Conclusion

Mr. Kouloglou plans to take legal action against the NSO Group. Meanwhile, this incident has led to demands for the European Commission to create stricter rules to limit the use of spyware within the EU.

Kouloglou 先生計劃對 NSO Group 採取法律行動。同時,此事件促使各界要求歐盟委員會制定更嚴格的規則,以限制在歐盟內部使用監視軟體。

Vocabulary Learning

🚀 The 'Logic-Link' Upgrade: Moving from Simple to Sophisticated

At the A2 level, you usually connect ideas with simple words like and, but, or because. To reach B2, you need Logical Connectors that show the relationship between two complex events.

Let's look at how this article transforms basic ideas into a professional narrative:


🔗 The 'Cause & Effect' Power-Up

Instead of saying "The hackers wanted secrets, so they attacked," the author uses:

"Consequently, it appears the attackers wanted to steal..."

The B2 Secret: Consequently is a formal way to say "as a result." Use it when you want to sound like an analyst or a professional.

⚖️ The 'Contrast' Shift

Instead of using but to start every sentence, look at this structure:

"Although Citizen Lab did not name a specific government... they found that the email address..."

The B2 Secret: Using Although at the start of a sentence creates a "complex sentence." It tells the reader: "I am giving you a fact, but I'm about to show you why it's not the whole story."

🕒 The 'Simultaneous Action' Technique

A2 students say: "The hack happened. The committee was writing a report." B2 students use While to merge them:

"...was targeted by Pegasus surveillance software while serving on an investigation committee."

The B2 Secret: While + [verb-ing] is the fastest way to describe two things happening at the exact same time without repeating the subject.


Quick Comparison Table

A2 Style (Simple)B2 Style (Sophisticated)Effect
Because of this...Consequently...Sounds authoritative
But they didn't...Although they didn't...Sounds balanced
At the same time...While [doing]...Sounds fluid

Vocabulary Learning

surveillance (n.)
The careful watching of a person or place, especially by the police or army
Example:The government was accused of using illegal surveillance to monitor political opponents.
exploit (v.)
To make use of a weakness or a flaw for one's own advantage
Example:Hackers often exploit security vulnerabilities in outdated software to steal data.
confidential (adj.)
Intended to be kept secret
Example:The lawyer reminded the client that all their discussions would remain strictly confidential.
consequently (adv.)
As a result of something that has happened
Example:The company failed to innovate; consequently, it lost its market share to competitors.
restricted (adj.)
Limited in extent, number, or access
Example:Access to the military base is strictly restricted to authorized personnel only.
C2

Forensic Confirmation of Pegasus Spyware Deployment Against European Parliament Committee Member

法醫分析確認歐洲議會委員被部署 Pegasus 監視軟體


Introduction

Researchers from the University of Toronto have verified that Stelios Kouloglou, a former member of the European Parliament, was targeted by Pegasus surveillance software during his tenure on an investigatory committee.

多倫多大學的研究人員已證實,前歐洲議會議員 Stelios Kouloglou 在調查委員會任職期間,曾被 Pegasus 監視軟體鎖定目標。

Main Body

The forensic analysis conducted by Citizen Lab indicates that the device belonging to Mr. Kouloglou, a substitute member of the PEGA committee, was compromised on two distinct occasions: October 2022 and March 2023. The technical mechanism employed was a 'zero-click' exploit targeting a vulnerability in Apple's smart home software; the success of this intrusion was facilitated by the absence of a current software patch on the target device. This capability permitted the unauthorized extraction of private correspondence, geolocation data, and ambient audio recordings.

Citizen Lab 進行的法醫分析顯示,PEGA 委員會候補委員 Kouloglou 先生的裝置在 2022 年 10 月與 2023 年 3 月這兩個截然不同的時間點被入侵。所採用的技術機制是一種針對 Apple 智慧家庭軟體漏洞的「零擊(zero-click)」漏洞攻擊;由於目標裝置缺乏目前的軟體補丁,促成了此次入侵的成功。此功能允許未經授權地提取私人通訊、地理位置數據以及環境音訊錄音。

Chronologically, these intrusions align with critical phases of the PEGA committee's operations. The initial compromise occurred during the formulation of a draft report focusing on spyware utilization in Cyprus, Greece, Hungary, Poland, and Spain, and immediately preceded fact-finding missions to Greece and the Greek Cypriot Administration. The subsequent infection in March 2023 coincided with the finalization of the committee's written report and hearings in Brussels. Such timing suggests a strategic intent to acquire non-public deliberations and confidential parliamentary documentation.

從時間順序來看,這些入侵與 PEGA 委員會運作的關鍵階段相吻合。首次入侵發生在擬定一份關注賽普拉斯、希臘、匈牙利、波蘭和西班牙使用監視軟體草案報告期間,且緊接在前往希臘和塞浦路斯行政當局進行事實調查任務之前。隨後於 2023 年 3 月的感染則與委員會書面報告的定稿及在布魯塞爾舉行的聽證會同時發生。這樣的時機顯示出獲取非公開討論內容和機密議會文件的戰略意圖。

Regarding attribution, Citizen Lab has not identified a specific state actor. However, the observation that the attacking email address corresponds to a previous campaign targeting exiled Russian and Belarusian journalists suggests the involvement of a Pegasus customer with multi-jurisdictional authorization from the NSO Group. While the NSO Group has not provided a formal response to these findings, the organization remains subject to a United States executive order restricting its use due to human rights concerns, despite recent capital infusions from an American investment entity.

關於歸屬分析,Citizen Lab 尚未確認特定的國家參與者。然而,觀察到攻擊用的電子郵件地址與先前針對流亡俄羅斯和白俄羅斯記者的行動相符,這表明一名獲得 NSO Group 跨司法管轄區授權的 Pegasus 客戶參與其中。儘管 NSO Group 未對這些發現提供正式回應,但由於人權考量,該組織仍受美國一項限制其使用的行政命令約束,儘管近期獲得了一家美國投資實體的資本注入。

Conclusion

Mr. Kouloglou intends to initiate legal proceedings against the NSO Group, while the incident has prompted calls for the European Commission to implement stringent regulatory constraints on spyware usage within the union.

Kouloglou 先生打算對 NSO Group 提起法律訴訟,而此事件也促使各界呼籲歐盟委員會對歐盟內部的監視軟體使用實施嚴格的監管限制。

Vocabulary Learning

The Architecture of 'Nominalization' and High-Density Information Packing

To move from B2 to C2, a student must transition from describing actions to constructing concepts. This text is a masterclass in Nominalization—the process of turning verbs (actions) and adjectives (qualities) into nouns. This transforms a narrative into a formal, analytical discourse.

◈ The Morphological Shift

Observe how the text avoids simple subject-verb-object sentences in favor of complex noun phrases:

  • B2 Approach: The researchers analyzed the forensics and confirmed that the spyware was deployed. (Active/Narrative)
  • C2 Approach: "Forensic Confirmation of Pegasus Spyware Deployment..." (Conceptual/Static)

By converting confirm \rightarrow confirmation and deploy \rightarrow deployment, the author removes the 'actor' from the foreground and elevates the 'event' to a scholarly object of study.

◈ Strategic Density: The "Noun Cluster"

C2 proficiency is signaled by the ability to stack modifiers without losing syntactic coherence. Examine this sequence:

"...multi-jurisdictional authorization from the NSO Group"

Analysis:

  1. Multi-jurisdictional (Complex Compound Adjective) \rightarrow modifies Authorization (Abstract Noun).
  2. This creates a highly compressed packet of information. Instead of saying "authorization that works across many different legal systems," the writer uses a single adjective-noun pair.

◈ Lexical Precision & Collocational Rigor

Note the use of "Capital Infusions" instead of "receiving money" or "investments."

  • Infusion implies a deliberate, targeted injection of liquid assets into a corporate structure.
  • Stringent regulatory constraints replaces "strict rules."

C2 Insight: At this level, vocabulary is not about 'big words,' but about semantic specificity. Stringent carries a connotation of rigorous enforcement that strict lacks; constraints suggests a limiting force rather than a simple rule.


Linguistic takeaway for the B2 \rightarrow C2 transition: Stop telling a story; start building a case. Replace 'The company did X because Y happened' with 'The occurrence of Y precipitated the implementation of X.'

Vocabulary Learning

forensic (adj.)
Relating to the use of scientific methods and techniques to investigate a crime or technical breach.
Example:The forensic analysis of the hard drive revealed that the files had been deleted manually.
tenure (n.)
The period of time during which a person holds a specific office or position.
Example:During her tenure as CEO, the company expanded its operations into three new continents.
compromised (adj.)
Describing a system or device that has been breached or exposed to unauthorized access.
Example:The security team discovered that the server had been compromised via a phishing attack.
facilitated (v.)
To make an action or process easier to accomplish.
Example:The new software update facilitated a more seamless integration between the two platforms.
ambient (adj.)
Relating to the immediate surroundings of something, particularly in terms of sound or light.
Example:The microphone was sensitive enough to pick up ambient noise from the street outside.
deliberations (n.)
Long and careful consideration or discussion, typically by a group, before reaching a decision.
Example:The jury's deliberations lasted for three days before they finally reached a unanimous verdict.
attribution (n.)
The act of assigning a cause, origin, or responsibility to a specific person or entity.
Example:In cybersecurity, attribution is often difficult because attackers use proxy servers to hide their identity.
multi-jurisdictional (adj.)
Spanning or involving several different legal territories or areas of authority.
Example:The investigation became a multi-jurisdictional effort involving police from five different countries.
infusions (n.)
The introduction of a new amount of money into a company or organization to help it survive or grow.
Example:The startup survived the economic downturn thanks to several capital infusions from venture capitalists.
stringent (adj.)
Strict, precise, and exacting, often used in the context of regulations or requirements.
Example:The airline industry is subject to stringent safety regulations to prevent accidents.
Practice All words in a crossword