WhatsApp has detected and stopped spear-phishing campaigns allegedly conducted by the NSO Group after investigating user reports of social engineering attacks.
The NSO Group is an Israeli commercial spyware vendor known for its advanced “Pegasus” tool that has been deployed against politicians, activists, journalists, academics, and other “high-interest” individuals.
The firm has been on the U.S. sanctioned entities list since November 2021, due to supplying to foreign governments software products that were used against people and organizations in the U.S. Tools from NSO were also used by regimes considered repressive that targeted dissidents outside their borders.
Despite that, NSO continued to target WhatsApp users, on multiple occasions using zero-day vulnerabilities.
WhatsApp's parent company, Meta, has fought NSO Group in U.S. courts, securing a permanent injunction against it in 2025, a declaration of liability for 1,400 infections, and an associated $167,000,000 fine.
