WhatsApp Disrupts NSO Group Spyware Attempt in Violation of Court Order
AI-generated from multiple sources. Verify before acting on this reporting.
SAN FRANCISCO — Additional corroborating reports have emerged regarding the hacking attempt involving NSO Group and WhatsApp. These new accounts confirm the initial findings that the surveillance firm targeted specific users in violation of the permanent court injunction. The reports detail the spear-phishing nature of the attack and align with WhatsApp's earlier disclosure of the incident. This development reinforces the messaging service's position in the ongoing legal dispute with the Israeli firm. No further technical details or user impact assessments have been released at this time. The legal proceedings continue as both parties prepare for subsequent court dates. WhatsApp maintains that the action taken was necessary to protect user privacy and security in accordance with the court order. The incident remains under review by relevant authorities.
SAN FRANCISCO — Additional corroborating reports have emerged regarding the targeted hacking attempt by NSO Group against WhatsApp users. These new accounts confirm the initial detection of the spear-phishing attack and provide further details on the scope of the intrusion. The reports indicate that the attack was more widespread than initially disclosed, affecting a broader range of targets than previously understood. WhatsApp has not yet released specific numbers regarding the total number of affected users, but the additional information underscores the severity of the incident. The messaging service continues to investigate the full extent of the breach and is cooperating with legal authorities. This development adds weight to WhatsApp's claims that NSO Group violated the permanent court injunction, potentially strengthening the platform's legal position in the ongoing dispute. No further action has been announced by either party at this time.
SAN FRANCISCO — WhatsApp detected and blocked a targeted hacking attempt by Israeli surveillance firm NSO Group on Monday, an action the messaging service said violated a permanent court injunction barring the company from targeting its users.
The incident, which occurred in the United States, marks a significant escalation in the long-running legal battle between the Meta-owned platform and the spyware developer. WhatsApp stated that NSO Group deployed a spear-phishing attack against specific users, attempting to exploit a vulnerability in the application to install surveillance software.
The move by NSO Group comes despite a permanent injunction issued by a U.S. federal court in October 2025. The court order explicitly prohibited the firm from hacking WhatsApp users or attempting to gain unauthorized access to the service. WhatsApp confirmed that the company's security systems identified the intrusion and successfully neutralized the threat before any user data was compromised.
NSO Group has not immediately commented on the specific incident. The firm has previously argued that its technology is sold to government clients to combat terrorism and serious crime. Legal representatives for NSO Group have maintained that the company is cooperating with ongoing legal proceedings and appeals related to the injunction.
The October 2025 ruling was a landmark decision in the case, which began after WhatsApp discovered that NSO Group had exploited a vulnerability in its app to target journalists, human rights activists, and other individuals. The court found that NSO Group had engaged in a global campaign of surveillance that violated U.S. law.
WhatsApp's security team said the latest attempt involved a sophisticated phishing campaign designed to trick users into clicking a malicious link. The company emphasized that its automated defenses were able to detect the anomaly and prevent the installation of the spyware. No users were reported to have been successfully compromised in this specific incident.
The incident raises questions about the enforcement of the court order and the ongoing capabilities of NSO Group to circumvent legal restrictions. Legal experts note that while the injunction is in place, the firm continues to operate and sell its products to international clients. The outcome of the ongoing appeals process remains uncertain.
WhatsApp stated it is working with law enforcement and legal authorities to investigate the source of the attack and determine the identity of the client who commissioned the operation. The company reiterated its commitment to protecting user privacy and holding bad actors accountable.
The case continues to draw attention from privacy advocates and lawmakers who are monitoring the intersection of national security, corporate surveillance, and civil liberties. As the legal proceedings continue, the focus remains on whether the court's injunction will be upheld and how effectively it can be enforced against a company with global operations.