Maker of Pegasus spyware told to pay $167m for WhatsApp hack

-editor- May 8, 2025
NSO Group

In a landmark legal ruling, Israeli cybersecurity firm NSO Group has been ordered to pay $167 million to WhatsApp’s parent company Meta, following a 2019 spyware attack that targeted 1,400 users through the popular messaging platform. This decision marks the first time a spyware developer has been held financially accountable for exploiting vulnerabilities in smartphone platforms.

The Pegasus Scandal: A Global Controversy

At the heart of the case is Pegasus, NSO Group’s infamous spyware capable of covertly accessing mobile devices’ microphones, cameras, messages, and location data without the user’s knowledge. Marketed as a tool for combating serious crime and terrorism, Pegasus has been widely condemned for its alleged use by authoritarian governments to surveil journalists, activists, political leaders, and dissidents.

The spyware drew international outrage in 2021 when a leaked list of over 50,000 phone numbers — believed to be potential Pegasus targets — was obtained by a global consortium of media organizations. Investigations revealed that victims included heads of state, government officials, business executives, members of royal families, and more than 180 journalists worldwide.

Among the most high-profile names reportedly targeted were French President Emmanuel Macron and associates of slain journalist Jamal Khashoggi, a vocal critic of the Saudi regime.

A Legal First in the Surveillance Tech Industry

Meta hailed the verdict as a “first victory against the development and use of illegal spyware,” noting that it sends a strong message to the surveillance tech industry. The jury’s decision also included an additional $444,000 in damages to Meta, concluding a legal battle that had dragged on for six years.

“The jury’s decision to force NSO to pay damages is a critical deterrent to this malicious industry against their illegal acts aimed at American companies,” Meta stated.

NSO Group responded cautiously, saying it would “carefully examine the verdict’s details and pursue appropriate legal remedies, including further proceedings and an appeal.” The company reiterated its stance that its technology is intended solely for use by authorized government agencies to combat serious crime and terrorism.

Potential Fallout for the Spyware Industry

Legal experts suggest this ruling could set a significant precedent, paving the way for other tech giants — whose platforms have reportedly been compromised by Pegasus — to pursue similar legal actions against NSO Group and other spyware developers.

Additional Insight

According to reports by Canadian research organization The Citizen Lab, Pegasus spyware is suspected to have infiltrated devices belonging to senior officials at the UK’s Downing Street and Foreign Office. This raises ongoing concerns about national security vulnerabilities in even the most secure government communications infrastructure. As the digital surveillance debate intensifies, this verdict marks a crucial milestone in holding spyware vendors accountable for their role in cyber-espionage campaigns.

More Stories

Marks & Spencer

M&S Confirms Customer Data Breach After Cyber Attack

-editor- May 15, 2025
Made in China

Rogue communication devices found in Chinese inverters

-editor- May 14, 2025
Tuomas Valimaki

Nordics Plan Offline Card Payments to Counter Cyber Sabotage Threats

-editor- May 11, 2025