Spyware firm targeted WhatsApp users in defiance of US court order, Meta says

A spyware firm has been targeting WhatsApp users with malicious links in contravention of a US court order forbidding it from doing so, Meta has said.In a post, Meta said WhatsApp had “caught and disrupted spear phishing attempts” by NSO Group, which a spokesperson said targeted a handful of users in Jordan and Lebanon. It had also caught the group creating “test accounts and groups” on WhatsApp.NSO was founded in Israel but, since last year, is under US ownership. It built the Pegasus spyware, at the time one of the most powerful surveillance tools ever – which used a vulnerability in WhatsApp to infiltrate users’ phones and harvest all their data: messages, photos, calls and more.Last year, it lost a court case against Meta for exploiting WhatsApp to target people; Meta was awarded $167m in damages. A later case reduced this to $4m but placed a permanent injunction against NSO barring it from targeting WhatsApp and its users.Meta said the latest attacks showed NSO had violated this injunction and it asked the court to hold the company in contempt of the order.“To me, it’s an astonishing signal of hubris that NSO would do this while permanently enjoined from not doing it,” said John Scott Railton, a senior researcher at the Citizen Lab, which investigates digital threats against civil society.“It either speaks to the fact that they think they wouldn’t get caught, or to the fact that they believe, rightly or wrongly, they have a special way to not face the consequences of violating a US federal permanent court injunction.”Since the start of the Trump administration, reporting has suggested that NSO is searching for a way into the US market – and to do so is trying to get off the US commerce department “blacklist”, which bars it from doing business with US companies without specific approval.It was placed there after the Biden administration determined it had acted “contrary to the foreign policy and national security interests of the US” over the widespread abuse from Pegasus.The group appointed David Friedman, the US ambassador to Israel from 2017 to 2021 during Donald Trump’s first term, as executive chair last autumn and has engaged a lobbying firm close to the US president.“They are the poster child for the lawless mercenary spyware industry. If they had chosen to not do this, their big effort to rebrand as an ethical spyware company that wants to make big moves into the US market would be more credible,” said Railton.Earlier this year, Meta suggested that NSO was linked to a lawsuit brought against the company which alleged Meta could read users’ encrypted WhatsApp messages. The law firm that brought that case was also, at the time, representing NSO.There have been a handful of cases since that have made similar claims, including one in Israel and another filed by the Texas attorney general, Ken Paxton.“WhatsApp cannot access people’s encrypted communications and any suggestion to the contrary is false,” a Meta spokesperson, Rachel Holland, wrote in a statement about that lawsuit.NSO Group did not respond to a request for comment.