Meta announced new legal action in an effort to combat the use of software created by Israel-based spyware firm NSO Group, which was used in phishing attempts designed to steal data from WhatsApp users.
The action is the latest in a series of steps Meta has undertaken to combat NSO-linked activities. NSO’s Pegasus spyware tool enables operators to steal WhatsApp user credentials and personal information.
As explained by Meta: “Last year, WhatsApp made history by securing a landmark verdict and permanent injunction barring NSO Group — a spyware firm blacklisted for actions contrary to US national security — from targeting WhatsApp and its users ever again. The court was unequivocal: NSO violated federal and state laws against hacking. Today, we’re asking the court to hold them in contempt of that order.”
NSO’s Pegasus system is able to seek out vulnerabilities on a victim’s device, which can then enable the perpetrator to steal sensitive information. That, Meta has argued, has enabled spyware attacks using NSO’s systems, which may be the most relevant point of the case.
Essentially, Meta isn’t accusing NSO itself of initiating these attacks, but is instead working to address NSO because its software has been used for such purpose. As such, Meta is seeking to hold NSO accountable for misuse of its tools, as opposed to targeting the specific perpetrators of such efforts.
Which is an interesting perspective, considering that Meta uses the very same argument, in relation to Section 230 protections, to absolve itself from legal liabilities relates to what people share in its apps, but that’s another argument entirely.
NSO-enabled attacks have caused various problems for Meta users in the past.
In 2019, WhatsApp alerted more than 1,000 users to a breach of its video calling system, which had potentially circulated malware to their mobile devices. This attack was particularly concerning, because users didn’t even have to answer a video call to trigger the malware.
At the time, Meta worked with cybersecurity experts to investigate the breach, which eventually led to Meta seeking legal action against NSO over the use of its spyware tools.
As Meta said, it had a significant win on this front in May 2025, with a federal jury awarding Meta $167 million in damages, and handing down an injunction to stop NSO software from being used on WhatsApp.
Now, Meta said, NSO is in breach of that order, which has prompted a follow-up legal response.
The case could have a wider-reaching impact on malware attacks, forcing NSO to remove such functionality from its offerings, and limiting the use of the tool overall.
As such, it makes sense for Meta to take a stand here and push for broader legal penalties, which could have a much broader cumulative impact. The case could also increase the pressure on NSO to address this element.
On a related front, Meta has also contributed to a new Spyware Accountability Initiative, which “supports dozens of organizations worldwide focused on forensic research, user support, and advocacy,” Meta said.
Meta will work with the group to help develop new approaches to combat spyware attacks and address concerns related to data-stealing initiatives.
