NSO Group Fined $168 Million for Using Spyware to Hack WhatsApp

The Israeli group, NSO, known for its spyware, Pegasus, was found liable for $167.254 million in punitive damages after hacking nearly 1500 WhatsApp users’ devices back in 2019.

This ruling by the federal jury in California came through on May 6, after a long-standing court battle between NSO and Meta. The cyberattack exploited a zero-day vulnerability in WhatsApp’s voice-calling feature and targeted journalists, politicians, and human rights activists in over 50 countries.

The lengthy court battle between NSO and Meta lasted almost six years, and the American company was supported by many non-governmental organizations (NGOs), tech companies, and digital and human rights organizations, such as Amnesty International. In addition to the $167 million fine, NSO must also compensate Meta with $444,719.

In a public statement, Meta considered the verdict a fundamental step to protect people against surveillance-for-hire spyware like Pegasus. After all, this type of attack allows bad actors to access and control targeted devices remotely, including microphones and cameras.

According to Meta, the company will secure a court order to prevent NSO from targeting WhatsApp ever again.

The Pegasus spyware is just a drop in an ocean full of cyberthreats. While this case presents a vicious attack that targeted well-known individuals like journalists and activists, it doesn’t mean that ordinary people aren’t at risk. The truth is that everyone is vulnerable, regardless of their status.

The past decade has shown us that no one is safe from being a cyberattack victim. Therefore, everyone must understand what’s at risk, how cyberattacks work, and take proactive measures to address the growth of online security risks.