Israeli company NSO Group, the maker of the notorious Pegasus spyware, violated the American court ruling that barred it from targeting WhatsApp users, Meta alleged in a US federal court filing.
The company said it managed to block phishing attacks linked to NSO, which has been blacklisted by the US government for activities that threaten national security.
These attempts were similar to “one-click” attacks, which trick users into clicking malicious links. The name refers to the fact that a single click on such a link is enough to infect the device with spyware.
In 2019, Meta Platforms filed a lawsuit against NSO over the surveillance of 1,400 WhatsApp users, at least 100 of whom were journalists, human rights activists, and members of civil society.
In 2025, a US court ordered NSO to stop targeting WhatsApp users and awarded Meta $4 million in damages.
Meta said the new court filing was submitted in cooperation with 12 human rights organizations, cybersecurity experts, and digital rights specialists who testified against NSO.
The Pegasus software allows government agencies to surveil the mobile phones of terrorism suspects or individuals implicated in other serious crimes. The company does not disclose its clients, but maintains that it sells the software exclusively to foreign governments with approval from the Israeli Ministry of Defense.
It is, however, widely known that countries such as Saudi Arabia, the United Arab Emirates, Jordan, and Poland have misused the system to spy on political opponents, journalists, and activists.
NSO maintains that it bears no responsibility for how its software is used by its clients and asserts that it has taken measures to prevent abuse.
Beyond Meta, Apple also took legal action against NSO for targeting iPhone users, going so far as to describe the company’s founders as “amoral mercenaries of the 21st century.”
