WhatsApp says it disrupted new NSO spyware phishing attacks
WhatsApp has detected and stopped spear-phishing campaigns allegedly conducted by the NSO Group after investigating user reports of social engineering attacks. [...]
Coverage examines reported NSO Group-linked spyware incidents, attribution, infrastructure, disruption, and defensive guidance.
Search across headline titles and summaries.
Background for this topic.
NSO Group is a commercial surveillance-technology company best known for Pegasus, spyware reported to compromise mobile devices and collect messages, files, location data, or sensor inputs. Reports have alleged use against journalists, activists, and political figures, but attribution generally concerns customers or operators using the tools rather than NSO Group directly conducting each intrusion. The tag therefore covers reported deployments, vulnerability research, infrastructure, legal or commercial restrictions, and efforts to detect or disrupt the spyware.
For defenders, Pegasus-related incidents matter because mobile compromise may involve highly targeted exploits, including cases requiring little or no user interaction, and may leave limited conventional endpoint evidence. Practical responses include rapid installation of mobile operating-system security updates, restricting unnecessary device exposure, and treating suspected targeting as a forensic incident: preserve the device, collect relevant logs and backups carefully, and obtain specialist analysis rather than immediately resetting it. Organizations should also assess privacy, consent, and legal obligations when handling evidence or protecting people at elevated risk.
Weekly headline count for the current query.
WhatsApp has detected and stopped spear-phishing campaigns allegedly conducted by the NSO Group after investigating user reports of social engineering attacks. [...]
A U.S. federal jury has ordered Israeli spyware vendor NSO Group to pay WhatsApp $167,254,000 in punitive damages and $444,719 in compensatory damages for a 2019 campaign that targeted 1,400 users of the communication app. [...]
A U.S. federal judge has ruled that Israeli spyware maker NSO Group violated U.S. hacking laws by using WhatsApp zero-days to deploy Pegasus spyware on at least 1,400 devices. [...]
Israeli surveillance firm NSO Group reportedly used multiple zero-day exploits, including an unknown one named "Erised," that leveraged WhatsApp vulnerabilities to deploy Pegasus spyware in zero-click attacks, even after getting sued. [...]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies today to patch security vulnerabilities abused as part of a zero-click iMessage exploit chain to infect iPhones with NSO Group's Pegasus spyware. [...]
Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a zero-click exploit chain to deploy NSO Group's Pegasus commercial spyware onto fully patched iPhones. [...]
Digital threat researchers at Citizen Lab have discovered a new zero-click iMessage exploit used to install NSO Group spyware on devices belonging to Catalan politicians, journalists, and activists. [...]