Meta: NSO violated spyware ban with new WhatsApp attacks
▼ Summary
– Meta accused spyware maker NSO Group of violating a court order that barred it from targeting WhatsApp users.
– WhatsApp caught and disrupted spear phishing attempts linked to NSO, including malicious links and test accounts.
– NSO developed Pegasus spyware, which the US government blacklisted in 2021 for targeting officials, journalists, and activists.
– A 2024 court ruling granted a permanent injunction against NSO and awarded WhatsApp damages, later reduced to $4 million.
– NSO appealed the injunction, claiming it jeopardizes its Pegasus product, but Meta says it caught NSO violating the order.
Meta has accused the NSO Group, the Israeli spyware firm behind the infamous Pegasus software, of violating a court order that explicitly barred it from targeting WhatsApp users. The social media giant announced that it successfully intercepted fresh spear-phishing attempts linked to the blacklisted company and is now seeking to hold it in contempt of court.
In a statement, WhatsApp’s parent company Meta said, “WhatsApp caught and disrupted spear phishing attempts linked to NSO, a spyware firm blacklisted by the US government.” The company added that it is asking a court “to hold NSO in contempt for violating a permanent injunction that barred them from ever targeting WhatsApp and its users.” The NSO Group was placed on the US Entity List in 2021 after authorities determined it had developed and supplied spyware to foreign governments, which then used the tool to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers.
The legal battle dates back to last year, when WhatsApp won a permanent injunction against NSO in the US District Court for the Northern District of California. A jury had originally awarded WhatsApp over $167 million in damages, though a federal judge later reduced that sum to $4 million while upholding the injunction. NSO has since fought to overturn the order, arguing in a court filing that “the injunction jeopardizes NSO’s principal product, Pegasus, which represented 100 percent of NSO’s sales in 2025.” The district court denied NSO’s motion to stay the injunction, and the company has appealed to the US Court of Appeals for the 9th Circuit.
Now, Meta says it has caught NSO violating that order. “We successfully disrupted NSO-linked social engineering attempts, after investigating user reports,” Meta stated. “They tried to trick people into clicking on malicious links to drive them to external websites outside of WhatsApp, similar to previously reported 1-click phishing campaigns linked to NSO. We also caught them creating test accounts and groups on WhatsApp, which we took down.” The latest discovery marks a significant escalation in the ongoing conflict between the tech giant and the spyware maker, underscoring Meta’s continued vigilance in protecting its platform from state-sponsored surveillance tools.
(Source: Ars Technica)
