Meta Accuses NSO Group of Violating Court Order in New WhatsApp Targeting Allegations
Meta has asked a US court to hold NSO Group in contempt for allegedly targeting WhatsApp users again, violating a permanent injunction issued after a previous lawsuit.
Meta is seeking to have Israeli spyware firm NSO Group held in contempt of court, alleging that the company has once again targeted WhatsApp users, thereby violating a permanent injunction. The social media giant claims to have disrupted "NSO-linked social engineering attempts" following investigations into user reports.
According to Meta, these recent attempts involved luring targets into clicking malicious links that would redirect them to external websites. The company also noted the creation of test accounts and groups on the WhatsApp platform as part of these efforts. WhatsApp has publicly shared a list of domains associated with this alleged campaign, including ikhwancast[.]com, ghazacast[.]com, and fr24cast[.]com, and is providing indicators to help organizations detect related activities.
This latest development escalates the ongoing legal conflict between Meta and NSO Group. In December 2024, a US court found NSO Group liable for hacking WhatsApp users through its Pegasus spyware. A subsequent jury awarded Meta approximately $168 million in damages in May 2025. However, the judge later reduced the award to $4 million and simultaneously issued a permanent injunction prohibiting NSO Group from targeting WhatsApp or its user base.
Meta asserts that NSO Group has disregarded this court order. "Last year, WhatsApp made history by securing a landmark verdict and permanent injunction barring NSO Group... from targeting WhatsApp and its users ever again," the company stated. "Today, we're asking the court to hold them in contempt of that order."
While Meta provided limited technical specifics regarding the timing, scale, success rate, or direct attribution of the alleged operation to NSO, the company's stance on commercial spyware has hardened. Meta now frames such surveillance technology as a national security concern.
"When a malicious company on the US government's Entity List continues to defy US courts, existing restrictions must remain firmly in place," WhatsApp argued. "Easing them would undermine US national security and put American companies and billions of people worldwide who depend on secure communications at risk."
If Meta's accusations are substantiated, this incident suggests that legal defeats and court orders may not be sufficient deterrents for spyware vendors targeting high-value platforms and users. The ongoing legal battles highlight the persistent challenges in regulating the use of sophisticated surveillance technologies.
The situation underscores the complex interplay between national security interests, commercial surveillance, and the legal frameworks designed to govern them, particularly in the context of cross-border operations and advanced cyber capabilities.
WhatsApp has escalated its legal battle against NSO Group by filing a federal court contempt order. This new filing alleges that NSO has violated a prior court order prohibiting them from accessing WhatsApp's systems, specifically in relation to the deployment of Pegasus spyware via zero-click exploits.
WhatsApp has identified and disrupted a new spear-phishing campaign linked to NSO Group, accusing the spyware firm of violating a permanent injunction. The campaign attempted to lure fewer than 10 users in Jordan and Lebanon into clicking malicious links, though no successful compromises were detected. WhatsApp is petitioning the court to hold NSO in contempt for this alleged violation, citing NSO's continued development of exploit vectors.