Pegasus Spyware Maker Fined

Uploaded on 2025-05-21 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Law

Your phone could become a criminal’s tool, silently spilling your texts, calls, and photos to a shadowy hacker - all without you clicking a single link. This serious threat is created by Pegasus, the infamous spyware developed by Israel’s NSO Group, which targeted 1,400 WhatsApp users in 2019.

Now, the Israeli firm behind Pegasus, NSO Group, has been ordered to pay Meta $444,000 damages for this hacking attack that took place that year. 

For years, the Israeli spyware company NSO Group has quietly equipped governments with potent tools to hack phones and monitor dissidents. However, a jury in California recently awarded Meta Platforms (formerly Facebook) over $167 million (£125 million) in damages from NSO Group for exploiting WhatsApp in 2019.

Meta created a webpage announcing the jury’s decision, stating that it “is a critical deterrent to this malicious industry” aimed at combatting illegal acts against American companies and users worldwide.

“Six years ago, we detected and stopped an attack by the notorious spyware developer NSO against WhatsApp and its users, and today, our court case has made history as the first victory against illegal spyware that threatens the safety and privacy of everyone,” Meta announced on May 6th. 

Additionally, Meta described this ruling as “an important step forward for privacy and security, marking the first victory against the development and use of illegal spyware that threatens everyone’s safety and privacy.”

Pegasus is malicious software that can be installed remotely on mobile phones to access microphones, cameras, and other personal data without user consent.  Based in Tel Aviv, NSO Group has developed and sold  their technology around the word, and has faced accusations of enabling authoritarian regimes to monitor journalists, activists, and political figures

Meta stated that this case signifies “the first victory against the development and use of illegal spyware.” NSO, in response, said it would “carefully examine the verdict's details and pursue appropriate legal remedies, including further proceedings and an appeal.”

This case is notable as the first time a developer of spyware has been held responsible for exploiting vulnerabilities in smartphone platforms.

NSO claims its products are intended solely for use against serious criminals and terrorists. However, there are ongoing allegations that some governments have used the technology to target individuals they consider threats to national security.

Pegasus became the center of global controversy in 2021 when a leaked list of 50,000 phone numbers of suspected victims was revealed to major media outlets. The leak identified politicians, heads of state, business executives, activists, members of Arab royal families, and over 180 journalists.

This legal battle has spanned six years and involves multiple major tech companies. Apple previously filed a similar lawsuit against NSO Group but withdrew it in 2024 to avoid exposing its internal security systems. In contrast, Meta’s case resulted in a court ruling in their favor - an uncommon win against a surveillance vendor.

While this case may mark a turning point in how courts and tech companies confront the spyware industry, the fight against digital surveillance tools remains ongoing.

Silicon  |   BBC  |   Meta  |    Medium  |    Techloy  |  neowin  |  Hacker News 

Image: Ideogram 

You Might Also Read: 

Russian Hackers Exploit Mobile Browser Vulnerabilities:

If you like this website and use the comprehensive 8,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« How Ransomware's Industrialization Impacts SOC Operational Tempo
Large-Scale Data Exposure Discovered »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Covenco

Covenco

Covenco is a data management and IT infrastructure specialist. Working with customers to transform their IT environments, with data protection and security at the forefront of everything we do.

AEI Cybersecurity

AEI Cybersecurity

AEI brings together companies, Research Centres, Universities, and other organizations interested in promoting new cybersecurity technologies.

Watchcom Security Group

Watchcom Security Group

Watchcom is one of Norway's foremost suppliers of information security consultancy services.

RunSafe Security

RunSafe Security

RunSafe Security is the pioneer of a patented cyberhardening transformation process designed to disrupt attackers and protect vulnerable embedded systems and devices.

Exatel

Exatel

Exatel is Poland’s leading provider of ICT security services.

Cygilant

Cygilant

Cygilant is a SOC2 certified service provider that combines MSSP and Incident Detection and Response (IDR) capabilities managed by global SOCs staffed with trained security engineers.

LMG Security

LMG Security

LMG Security is a cybersecurity consulting, research and training firm.

astarios

astarios

astarios provide near-shore software development services including secure software development (DevSecOps), quality assurance and testing.

InfoLock

InfoLock

Infolock are experts in data governance, providing consulting and advisory services that help organizations effectively secure, manage, and optimize their data.

BitTrap

BitTrap

BitTrap helps companies worldwide detect attackers and put an early end to breaches, preventing data exfiltration and ransomware altogether.

Purism

Purism

Purism works with hardware component manufactures and the free software community to build high quality hardware that respects your digital life.

Interactive

Interactive

Interactive are a leading Australian IT service provider with services in Cloud, Cyber Security, Data Centres, Business Continuity, Hardware Maintenance, Digital Workplace, and Networks.

Modern Networks

Modern Networks

Modern Networks is a leading provider of IT managed services to the UK’s commercial property sector and medium sized enterprises.

EPAM Systems

EPAM Systems

Since 1993, EPAM Systems has leveraged its advanced software engineering heritage to become a leading global digital transformation services provider.

RST Cloud

RST Cloud

RST Cloud is a cutting-edge technology company that specialises in threat intelligence solutions for businesses of all sizes.

SecuRedact

SecuRedact

SecuRedact is an AI-powered tool to detect and pseudonymize personal data in text and images. Fast, local, secure, and free to try.