Pegasus Spyware Maker Fined

Uploaded on 2025-05-21 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Law

Your phone could become a criminal’s tool, silently spilling your texts, calls, and photos to a shadowy hacker - all without you clicking a single link. This serious threat is created by Pegasus, the infamous spyware developed by Israel’s NSO Group, which targeted 1,400 WhatsApp users in 2019.

Now, the Israeli firm behind Pegasus, NSO Group, has been ordered to pay Meta $444,000 damages for this hacking attack that took place that year. 

For years, the Israeli spyware company NSO Group has quietly equipped governments with potent tools to hack phones and monitor dissidents. However, a jury in California recently awarded Meta Platforms (formerly Facebook) over $167 million (£125 million) in damages from NSO Group for exploiting WhatsApp in 2019.

Meta created a webpage announcing the jury’s decision, stating that it “is a critical deterrent to this malicious industry” aimed at combatting illegal acts against American companies and users worldwide.

“Six years ago, we detected and stopped an attack by the notorious spyware developer NSO against WhatsApp and its users, and today, our court case has made history as the first victory against illegal spyware that threatens the safety and privacy of everyone,” Meta announced on May 6th. 

Additionally, Meta described this ruling as “an important step forward for privacy and security, marking the first victory against the development and use of illegal spyware that threatens everyone’s safety and privacy.”

Pegasus is malicious software that can be installed remotely on mobile phones to access microphones, cameras, and other personal data without user consent.  Based in Tel Aviv, NSO Group has developed and sold  their technology around the word, and has faced accusations of enabling authoritarian regimes to monitor journalists, activists, and political figures

Meta stated that this case signifies “the first victory against the development and use of illegal spyware.” NSO, in response, said it would “carefully examine the verdict's details and pursue appropriate legal remedies, including further proceedings and an appeal.”

This case is notable as the first time a developer of spyware has been held responsible for exploiting vulnerabilities in smartphone platforms.

NSO claims its products are intended solely for use against serious criminals and terrorists. However, there are ongoing allegations that some governments have used the technology to target individuals they consider threats to national security.

Pegasus became the center of global controversy in 2021 when a leaked list of 50,000 phone numbers of suspected victims was revealed to major media outlets. The leak identified politicians, heads of state, business executives, activists, members of Arab royal families, and over 180 journalists.

This legal battle has spanned six years and involves multiple major tech companies. Apple previously filed a similar lawsuit against NSO Group but withdrew it in 2024 to avoid exposing its internal security systems. In contrast, Meta’s case resulted in a court ruling in their favor - an uncommon win against a surveillance vendor.

While this case may mark a turning point in how courts and tech companies confront the spyware industry, the fight against digital surveillance tools remains ongoing.

Silicon  |   BBC  |   Meta  |    Medium  |    Techloy  |  neowin  |  Hacker News 

Image: Ideogram 

You Might Also Read: 

Russian Hackers Exploit Mobile Browser Vulnerabilities:

If you like this website and use the comprehensive 8,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« The Email Security Threats Businesses Can’t Ignore
Large-Scale Data Exposure Discovered »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CERT-MU

CERT-MU

CERT-MU is the Mauritian National Computer Security Incident Response Team.

CyberPolicy

CyberPolicy

CyberPolicy is a cyber protection solution for small businesses. It combines three important components against cyber threats - Cyber Plan, Cybersecurity and Cyber Insurance.

Idemia

Idemia

Idemia is a global leader in security and identity solutions.

Smarttech247

Smarttech247

Smarttech247 deliver a range of cyber security solutions, including cognitive security services using IBM Watson for Cybersecurity, SIEM, Compliance & Governance, and Penetration Testing.

Cyber Security Malta

Cyber Security Malta

Cyber Security Malta is part of Malta's National Cyber Security Strategy which aims to combat cybercrime, strengthen national cyber defence and provide cyber security awareness and education.

Meriplex

Meriplex

Meriplex is a Managed Services provider specializing in Intelligent Networks, Cybersecurity and Cloud Communications.

Hazy

Hazy

Hazy specialises in financial services, helping some of the world’s top banks and insurance companies reduce compliance risk.

Security Weaver

Security Weaver

Security Weaver is a leading provider of governance, risk and compliance management (GRCM) software.

Resilience Cyber Insurance Solutions

Resilience Cyber Insurance Solutions

Resilience Cyber Insurance combines insurance expertise with cybersecurity and data talent to deliver clear, effective solutions to protect you for the cyberrisks of today—and tomorrow.

Intaso

Intaso

Intaso are a boutique head hunting and talent solution firm with specialist Cyber and Information Security expertise.

Gem Security

Gem Security

Gem is on a mission to help security operations evolve into the cloud era, and stop cloud threats before they become incidents.

ThreatNix

ThreatNix

ThreatNix is a tight knit group of experienced security professionals who are committed to providing competent cybersecurity solutions that adhere to international standards.

Hushmesh

Hushmesh

Hushmesh is a start-up aimed at securing the world’s digital infrastructure by developing develop the Mesh, a global information space with automated security built in.

Cyro Cyber

Cyro Cyber

Cyro Cyber is a collective of some of the UK’s most experienced and savvy cybersecurity, information assurance, data protection, IT governance and compliance experts.

Panasonic Automotive Systems

Panasonic Automotive Systems

Panasonic Automotive Systems brings together security technologies and human resources cultivated across an extensive range of businesses into the automotive field.

Tulpa AI

Tulpa AI

Tulpa develops safe AI assistants (co-pilots) to support and enhance human performance in high-stakes, mission-critical decision-making environments.