Cyber Crime
WhatsApp Lawsuit Exposes NSO Group’s Deep Involvement in Pegasus Spyware Operations
Recent court filings in a legal battle between Meta’s WhatsApp and the Israeli surveillance firm NSO Group suggest the company may have been far more involved in the deployment of its Pegasus spyware than previously acknowledged.
According to documents released on November 14 by the U.S. District Court for the Northern District of California, NSO Group not only developed and maintained the spyware but also directly operated it on behalf of its clients, making it liable for its misuse, claim WhatsApp’s attorneys.
Background of the Lawsuit
WhatsApp initially filed the lawsuit in October 2019 after discovering that NSO Group had used WhatsApp servers to distribute Pegasus spyware to approximately 1,400 mobile devices.
Among those targeted were journalists, activists, and human rights defenders. The spyware enables covert monitoring of Android and iOS devices, including access to messages, emails, passwords, and location data, while evading detection.
FutureCrime Summit: Biggest Conference on Cyber Crimes Set to Return on February 13-14, 2025, in New Delhi
In the court filings, WhatsApp’s lawyers argue that NSO Group repeatedly exploited vulnerabilities in WhatsApp’s infrastructure, even creating tools to bypass measures introduced to stop such abuse.
This includes the use of modified apps and servers, dubbed “Heaven,” “Eden,” and later “Erised,” to facilitate the installation of Pegasus on target devices.
Claims of Direct Involvement
WhatsApp asserts that NSO Group controlled every aspect of the spyware’s operation. The lawyers allege that customers needed only to input a target’s phone number, after which NSO Group managed the entire process of data collection and delivery.
The court documents reveal that NSO was so aware of client activities that it disconnected service to at least 10 customers for excessive misuse.
This direct involvement undermines NSO Group’s long-standing claim that it merely licenses Pegasus to government agencies for legitimate law enforcement and anti-terrorism purposes.
Critics, however, argue that the spyware has been widely abused to surveil journalists, political dissidents, and human rights advocates in countries with questionable human rights records.
Controversy Surrounding Pegasus Spyware
Pegasus is one of the most controversial spyware tools, with the potential to intercept sensitive data and track user activities. A 2021 data leak revealed that more than 50,000 phone numbers were selected for surveillance by NSO clients in nations such as Mexico, India, and Hungary.
ALSO READ: Nominations Open for ‘Women in Cyber’ Honors at FutureCrime Summit 2025
Following these revelations, the U.S. government blacklisted NSO Group in 2021, effectively barring it from operating in the country or collaborating with U.S. entities abroad.
Escalation of Legal Challenges
The lawsuit is one of several legal challenges NSO Group faces globally. WhatsApp’s attorneys emphasize that the company’s development of successive tools to bypass platform security measures indicates deliberate and sustained exploitation. Meanwhile, NSO has sought to dismiss the case, arguing it has no U.S. jurisdiction and that its government clients use Pegasus within legal boundaries.
Increasing Proliferation of Spyware Vendors
While NSO Group was once among a small number of spyware vendors, the sector has since grown rapidly, driven by demand from government agencies worldwide. According to a 2023 report by Google, commercial spyware providers are now responsible for nearly half of all zero-day exploits identified since 2014.
The outcome of the WhatsApp lawsuit could set a critical precedent in holding spyware vendors accountable for misuse, amid growing scrutiny over the ethical and legal implications of such technologies.