The legal battle between Meta and the Israeli company NSO Group takes a new, tense turn. The parent company of WhatsApp has issued a serious accusation against the creators of the well-known spyware Pegasus, alleging the repeated violation of a permanent injunction issued by a U.S. court.
Despite the explicit judicial ban on targeting users of the famous messaging platform, Meta has in fact detected and blocked recent cyberattack attempts attributable directly to the controversial spyware producer.
Meta Accuses: NSO Group Continues to Attack WhatsApp
According to statements from the leadership of Menlo Park, the complex investigations triggered by user reports allowed to uncover highly sophisticated targeted spear-phishing campaigns.
The attackers have implemented social engineering tactics to deceive potential victims, prompting them to click on malicious links. The aim behind these messages was to redirect targets to external websites away from WhatsApp servers, using a methodology entirely similar to the previous one-click phishing operations already associated with NSO.
In addition to these digital lures, internal security systems identified the creation of test accounts and groups within the application, presumably used to calibrate the attack infrastructures. These fictitious profiles were promptly neutralized.
Faced with these clear violations, Meta filed a formal request with the judges to indict NSO Group for contempt of court.
A Long War in the Federal Courts
This legal clash traces back to 2019, when WhatsApp reported the sending of malware to around 1,400 mobile devices. On that occasion, forensic investigations showed that NSO’s developers had studied WhatsApp’s code in depth to create a modified version of the client, capable of evading defenses and installing their surveillance tools by passing through the application’s servers.
Last year, the U.S. District Court for the Northern District of California had recognized Meta’s case, confirming the permanent injunction and setting damages at $4 million, a figure reduced by the judge from the over $167 million initially awarded by the jury.
For NSO Group, this ban represents a huge business obstacle: in a recent legal filing, the Israeli company admitted that the injunction puts at high risk Pegasus sales, a fundamental product that generated 100% of the company’s revenues in 2025.
After seeing their request to suspend the provision denied, management filed an appeal with the Court of Appeals for the Ninth Circuit of the United States.
Global Surveillance and Fundamental Rights
NSO Group’s activities transcend the mere tech dispute between large American multinationals and foreign vendors. Since 2021, the U.S. government has placed the company on the so-called Entity List, a strict commercial blacklist, for having supplied cyber weapons to foreign governments interested in illegally spying on journalists, civil-rights activists, academics and diplomatic officials.
To strengthen international condemnation of such practices, the Knight First Amendment Institute of the Columbia University also intervened, which last month filed a legal brief in support of the restrictions. The institute described in unequivocal terms the grave risks associated with the proliferation of these digital armaments.
Pegasus, in fact, allows government or private operators to take full control of a target’s smartphone, extracting GPS coordinates, text messages, calls, files and passwords, even bypassing the most advanced encryption protocols.
For Meta’s leaders, the path forward admits no exceptions: when a commercial actor placed on a government blacklist continues to openly challenge the federal judiciary, the restrictions in force must remain strict and unforgiving.
