In a courtroom showdown thatโs sending ripples through the tech world, Meta has clinched a staggering $167.25 million victory against NSO Group, the Israeli company behind the infamous Pegasus spyware.
A U.S. federal jury delivered the verdict, holding NSO accountable for hacking into WhatsApp and targeting 1,400 users, including journalists, activists, and government officials.
This ruling, rooted in a 2019 lawsuit, isnโt just a win for Metaโitโs a bold statement against the shadowy world of digital surveillance.
The Pegasus Plot Unraveled
The saga began when Metaโs WhatsApp team uncovered a chilling exploit in their platformโs audio-calling feature. Pegasus, NSOโs flagship spyware, could silently infiltrate a phone through a missed video callโno clicks, no trace.
Researchers at Citizen Lab first sounded the alarm in 2019, revealing how this โzero-clickโ attack compromised devices across 20 countries. Later, court filings exposed the scale: 1,223 victims in 51 nations, with India alone reporting 100 targets.
Pegasus isnโt your average malware. Once inside, itโs a digital skeleton key, unlocking encrypted chats, emails, and location data. It can even hijack a phoneโs camera or microphone, turning a personal device into a spy.
NSO pitched it as a tool for governments to fight crime, but the Pegasus Project revealed a darker truth: its clients, often state actors, used it to snoop on dissidents, reporters, and political rivals.
The Legal Showdown
Meta didnโt sit idly by. They dragged NSO to court in California, accusing the firm of violating federal and state laws, including the U.S. Computer Fraud and Abuse Act, and flouting WhatsAppโs terms of service.
The case took a decisive turn in December 2024 when Judge Phyllis Hamilton ruled that NSO had illegally reverse-engineered WhatsAppโs software to unleash Pegasus, a finding backed by the 9th U.S. Circuit Court of Appeals. The juryโs recent $167.25 million award is a gut punch to NSOโs finances and reputation.
NSOโs defense? They claimed Pegasus was a government tool, and they werenโt responsible for how clients wielded it. But WhatsAppโs lawyers, armed with unsealed evidence, proved NSO was hands-on, managing the spywareโs deployment. NSOโs refusal to hand over Pegasusโs source code, despite court orders, only dug their hole deeper.
Why This Matters
This verdict is a game-changer. John Scott-Railton from Citizen Lab called it a โlandmarkโ moment, per Reuters, signaling trouble for the spyware industry. Itโs a rare win for privacy in an era where surveillance tech often outpaces regulation.
The ruling also puts pressure on governments cozying up to firms like NSO, which was blacklisted by the U.S. Commerce Department in 2021 for endangering national security.
The case shines a spotlight on spywareโs global reach. From European Parliament probes to reports of Pegasus targeting Spanish politicians, the misuse is rampant.
Yet NSO, through spokesperson Gil Lainer, insists itโs appealing, claiming Pegasus spares U.S. numbersโa claim that rings hollow given its worldwide footprint, as noted by Engadget.
Metaโs Next Move
Meta is not done. Theyโre pushing for a court injunction to block future attacks, a move that could reshape how tech giants tackle spyware. WhatsAppโs efforts to alert victims and pursue justice have earned praise from groups like Amnesty International, which recently flagged Pegasus attacks on Serbian media. This case shows Big Tech can fight backโand win.
The Bigger Picture
This isnโt just Metaโs fight. Appleโs suing NSO over iPhone hacks, and other spyware firms, like Candiru, are under U.S. sanctions. The Pegasus Project has galvanized global action, exposing how spyware exploits gaps in digital defenses.
Itโs a wake-up call for everyday users: keep your apps updated and be wary of odd calls or messages. WhatsApp patched the flaw in 2019, but zero-click attacks remain a lurking threat.
