RSS

Meta alleges NSO violated spyware injunction with new WhatsApp attacks

stalfosknight1 pts0 comments

Meta alleges NSO violated spyware injunction with new WhatsApp attacks - Ars Technica

Skip to content

AI

Biz & IT

Cars

Culture

Gaming

Health

Policy

Science

Security

Space

Tech

Forum

Subscribe

Story text

Size

Small<br>Standard<br>Large

Width

Standard<br>Wide

Links

Standard<br>Orange

* Subscribers only

Learn more

Pin to story

Theme

Search

Sign In

Sign in dialog...

Text<br>settings

Story text

Size

Small<br>Standard<br>Large

Width

Standard<br>Wide

Links

Standard<br>Orange

* Subscribers only

Learn more

Minimize to nav

Meta today accused spyware maker NSO Group of violating a court order that barred it from targeting users of WhatsApp.

“WhatsApp caught and disrupted spear phishing attempts linked to NSO, a spyware firm blacklisted by the US government,” WhatsApp owner Meta said in an announcement. Meta said it is asking a court “to hold NSO in contempt for violating a permanent injunction that barred them from ever targeting WhatsApp and its users.”

NSO is an Israeli company that developed the Pegasus spyware. The US government added NSO to the Entity List in 2021, saying it “developed and supplied spyware to foreign governments that used this tool to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers.”

WhatsApp won a permanent injunction against NSO last year in US District Court for the Northern District of California, and a jury awarded WhatsApp over $167 million in damages. A federal judge reduced the award to $4 million but granted the injunction, which NSO has since been trying to overturn. NSO complained in a court filing that “the injunction jeopardizes NSO’s principal product, Pegasus, which represented 100 percent of NSO’s sales in 2025.”

The district court denied NSO’s motion to stay the injunction, and NSO has appealed to the US Court of Appeals for the 9th Circuit. Today, Meta said it caught NSO violating the court order.

“We successfully disrupted NSO-linked social engineering attempts, after investigating user reports,” Meta said today. “They tried to trick people into clicking on malicious links to drive them to external websites outside of WhatsApp, similar to previously reported 1-click phishing campaigns linked to NSO. We also caught them creating test accounts and groups on WhatsApp, which we took down.”

We contacted NSO Group and will update this article if it provides a comment.

Meta: NSO is malicious, “continues to defy US courts”

WhatsApp filed its case against NSO in 2019, alleging that NSO used WhatsApp to send malware to about 1,400 mobile phones and devices for the purpose of surveilling the devices’ users.

“The evidence showed that defendants reverse-engineered WhatsApp’s code to create a modified version of the WhatsApp client application, which they then used to install their software on target users’ devices via WhatsApp’s servers,” US District Judge Phyllis Hamilton wrote in the permanent injunction order. “The evidence further showed that defendants repeatedly re-designed their software to avoid detection and circumvent plaintiffs’ security fixes.”

Meta said today that its “case has shown that NSO continues to build spyware tools to target people’s devices… When a malicious company on the US government’s Entity List continues to defy US courts, existing restrictions must remain firmly in place.”

NSO’s appeal to the 9th Circuit was opposed in an amicus brief filed last month by the Knight First Amendment Institute at Columbia University.

“The proliferation of commercial spyware across the globe is a profound threat to free expression and freedom of the press, with serious implications for the United States,” the Knight Institute said. “The technology at issue in this case, NSO Group’s Pegasus, allows for near-perfect surveillance of the victims targeted by NSO Group’s customers. Pegasus enables operators to take full control of a target’s smartphone, providing access to GPS locations, contact details, text messages, phone calls, notes, web-browsing history, messaging-application activity, files, and passwords—even if the target used security measures like encryption to protect their data.”

Jon Brodkin

Senior IT Reporter

Jon Brodkin

Senior IT Reporter

Jon is a Senior IT Reporter for Ars Technica. He covers the telecom industry, Federal Communications Commission rulemakings, broadband consumer affairs, court cases, and government regulation of the tech industry.

27 Comments

Comments

Forum view

Loading comments...

Prev story

Next story

1.<br>For the 2nd time in weeks, Microsoft packages laced with credential stealer

2.<br>A Falcon 9 booster turns 5 years old—and just set a remarkable reuse record

3.<br>Tests suggest Russian satellites can jam GPS on a continental scale

4.<br>"Chat is dead": OpenAI preps overhaul of ChatGPT

5.<br>How a USB-connected speaker can infect a PC without ever being touched

Customize

whatsapp meta spyware injunction court standard

Related Articles

The Newest Instagram "Exploit" Is the Goofiest I've Seen

ssiddharth34 ptsaccount attacker email instagram seen like

Apple WWDC 2026 Livestream

nextstep32 ptsapple stream video event live feed

It's Not Just X. It's Y

mooreds21 ptslanguage model writing like grammarly human

Show HN: GoPeek – open links in live mini browser windows without new tabs

GeorgeWoff2518 ptsgopeek open browser links live mini

Agent Memory: An Anatomy

brgsk17 ptsmemory library user agent semantic libraries
terms · privacy · disclaimer · contact · policy
© 2026 NewsHub. All rights reserved.
This site is for informational purposes only. Content is aggregated from publicly available sources. We may earn commissions through affiliate links. Not affiliated with Y Combinator or Hacker News.