Newsletters
A US federal jury ordered Israeli spyware company NSO Group to pay more than $167 million in damages for hacking the devices of approximately 1,400 WhatsApp users in 2019 using its Pegasus software.
The verdict delivered Tuesday after a five-year legal battle includes $167.25 million in punitive damages and $445,000 in compensatory damages to WhatsApp and its parent company, Meta.
The US District Court for the Northern District of California rejected NSO Group's claim of sovereign immunity as a private company, finding that the Pegasus spyware exploited vulnerabilities in WhatsApp's platform.
The Pegasus tool enabled "zero-click" attacks that could infect devices without any user interaction, a capability governments allegedly used to surveil journalists, dissidents and activists worldwide.
Meta hailed the ruling as "the first victory against illegal spyware that threatens the safety and privacy of everyone."
"The jury's decision to force NSO to pay damages is a critical deterrent to this malicious industry against their illegal acts aimed at American companies and our users worldwide," it said in a statement.
Evidence presented during the trial revealed WhatsApp was not NSO's only target. Meta noted that while it stopped the attack vector that exploited the company’s calling system in 2019, "Pegasus has had many other spyware installation methods" targeting different technologies.
The case began in October 2019 when WhatsApp filed a lawsuit claiming that the NSO Group had deployed malware to some mobile devices.
1 min read
