NSO Group Hit with $168m Fine for WhatsApp Pegasus Spyware Abuse
The Israeli spyware maker must pay $444,719 in compensatory damages to Meta and $167.25m in punitive damages
Coverage examines reported NSO Group-linked spyware incidents, attribution, infrastructure, disruption, and defensive guidance.
Search across headline titles and summaries.
Background for this topic.
NSO Group is a commercial surveillance-technology company best known for Pegasus, spyware reported to compromise mobile devices and collect messages, files, location data, or sensor inputs. Reports have alleged use against journalists, activists, and political figures, but attribution generally concerns customers or operators using the tools rather than NSO Group directly conducting each intrusion. The tag therefore covers reported deployments, vulnerability research, infrastructure, legal or commercial restrictions, and efforts to detect or disrupt the spyware.
For defenders, Pegasus-related incidents matter because mobile compromise may involve highly targeted exploits, including cases requiring little or no user interaction, and may leave limited conventional endpoint evidence. Practical responses include rapid installation of mobile operating-system security updates, restricting unnecessary device exposure, and treating suspected targeting as a forensic incident: preserve the device, collect relevant logs and backups carefully, and obtain specialist analysis rather than immediately resetting it. Organizations should also assess privacy, consent, and legal obligations when handling evidence or protecting people at elevated risk.
The Israeli spyware maker must pay $444,719 in compensatory damages to Meta and $167.25m in punitive damages