San Francisco | Global technology company Meta Platforms has launched a fresh legal offensive against Israeli spyware developer NSO Group, alleging that the firm continued targeting WhatsApp users despite being subject to a permanent court injunction. The development has revived international concerns over digital surveillance, privacy rights, and the growing sophistication of cyber-espionage tools.
According to Meta, its security teams recently disrupted a series of cyberattacks linked to NSO Group that were aimed at compromising WhatsApp users through carefully crafted phishing campaigns. The company announced that it plans to seek a contempt-of-court order in a U.S. federal court, arguing that NSO violated judicial directives that explicitly prohibited it from targeting WhatsApp and its users.
FCRF’s Flagship Cyber Law Certification Returns With a New Four-Week Cohort
The latest dispute stems from a long-running legal battle between the two companies. Meta has maintained that NSO repeatedly attempted to exploit vulnerabilities in messaging platforms to gain unauthorized access to users’ devices. The company argues that the alleged activities continued even after a court imposed permanent restrictions on the spyware firm’s operations involving WhatsApp.
In a statement, Meta said the newly detected attacks resembled previous “one-click phishing” campaigns. These attacks typically involve convincing a target to click on a malicious link that redirects the victim to an external website or initiates a process capable of compromising a device. Cybersecurity experts regard such attacks as particularly dangerous because they often require minimal interaction from the victim and can bypass traditional security awareness measures.
Unlike conventional phishing schemes that seek passwords or banking credentials, one-click attacks can exploit software vulnerabilities immediately after a user interacts with a malicious link. In some cases, a single click is enough to enable unauthorized access to sensitive data, communications, or device functions. Security researchers have repeatedly warned that such techniques are increasingly being used by sophisticated cyber-espionage operators.
Meta also disclosed that WhatsApp had identified and removed multiple test accounts and groups allegedly created by NSO-linked operators. The company claims these accounts were part of efforts to test or facilitate future cyber operations. NSO Group did not immediately issue a public response to the allegations.
The legal confrontation comes after a significant court ruling issued last year in the United States. In that decision, a federal court ordered NSO Group to stop targeting WhatsApp users and prohibited further unauthorized activities involving the platform. While the financial penalties imposed on the company were later reduced substantially, the permanent injunction remained intact and was widely viewed as a major setback for the spyware manufacturer.
NSO Group has remained at the center of global controversy because of its Pegasus spyware technology. Human rights organizations, privacy advocates, and cybersecurity researchers have repeatedly alleged that Pegasus was used to monitor journalists, political opponents, activists, lawyers, and civil society figures in several countries. Although NSO has consistently denied misuse of its products, the company has faced regulatory scrutiny and legal challenges across multiple jurisdictions.
Adding further weight to Meta’s position, the company revealed that a coalition of 12 prominent civil rights organizations, cybersecurity researchers, privacy advocates, and digital rights experts recently filed legal briefs supporting efforts to uphold the injunction against NSO. These groups argue that weakening restrictions on spyware developers could create significant risks for digital freedoms and personal privacy worldwide.
Cybersecurity specialists say the dispute extends far beyond a disagreement between two companies. The case is increasingly being viewed as a landmark test of how far technology platforms can go to protect users from sophisticated surveillance tools and whether spyware vendors can be held accountable for the downstream use of their products.
The outcome could have broad implications for future cybersecurity enforcement, digital rights protections, and the regulation of commercial surveillance technology. As court proceedings continue, governments, technology firms, privacy advocates, and security researchers around the world are expected to watch closely. The eventual ruling may help define the balance between national security interests, commercial spyware development, and the fundamental privacy rights of billions of internet users in the years ahead.
