CyberSecurityBoard
Sponsor Register Login

NSO Group fined $167M for spyware attacks on 1,400 WhatsApp users

Meta filed the lawsuit against NSO Group on October 29, 2019, in the U.S. District Court for the Northern District of California, alleging that NSO had exploited a vulnerability in WhatsApp's calling feature to deliver its Pegasus spyware to approximately 1,400 users. Court documents also revealed that the NSO Group used at least one more zero-day vulnerability in WhatsApp software to target users with spyware even after Meta's lawsuit had been submitted. A U.S. federal jury has ordered Israeli spyware vendor NSO Group to pay WhatsApp $167,254,000 in punitive damages and $444,719 in compensatory damages for a 2019 campaign that targeted 1,400 users of the communication app. "Today's verdict in WhatsApp's case is an important step forward for privacy and security as the first victory against the development and use of illegal spyware that threatens the safety and privacy of everyone," commented Meta, WhatsApp's owner, in an announcement. The fines stem from a May 2019 campaign when NSO attempted to infect 1,400 WhatsApp users with its Pegasus spyware using a WhatsApp zero-day vulnerability. It was later revealed that the vulnerability NSO leveraged during this operation was CVE-2019-3568, a buffer overflow in the WhatsApp VOIP stack, allowing attackers to send specially crafted RTCP packets to a target phone number to achieve remote code execution. Hamilton ruled that NSO Group is liable for violating U.S. hacking laws and WhatsApp's Terms of Service, granting partial summary judgment in WhatsApp's favor and moving the case to a jury trial to determine damages. The verdict is considered a landmark case for being the first time a spyware vendor is held accountable in court, and could send ripples across the commercial spyware industry. Finally, WhatsApp was awarded punitive damage compensation of $167,254,000, plus an extra $444,719 compensation for the incident investigation, vulnerability patching, and user notification.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 07 May 2025 14:10:11 +0000


Cyber News related to NSO Group fined $167M for spyware attacks on 1,400 WhatsApp users

CVE-2024-53182 - In the Linux kernel, the following vulnerability has been resolved: Revert "block, bfq: merge bfq_release_process_ref() into bfq_put_cooperator()" This reverts commit bc3b1e9e7c50e1de0f573eea3871db61dd4787de. The bic is associated with sync_bfqq, and ...
4 months ago Tenable.com
NSO Group fined $167M for spyware attacks on 1,400 WhatsApp users - Meta filed the lawsuit against NSO Group on October 29, 2019, in the U.S. District Court for the Northern District of California, alleging that NSO had exploited a vulnerability in WhatsApp's calling feature to deliver its Pegasus spyware to ...
2 weeks ago Bleepingcomputer.com CVE-2019-3568
Jury orders NSO Group to pay $168 million to WhatsApp for facilitating Pegasus hacks of its users | The Record from Recorded Future News - NSO’s case was severely hampered by its inability to offer the court any details of its clients' aims in the attacks, prompting Northern California federal judge Phyllis Hamilton to bar the spyware firm from presenting any evidence related to ...
2 weeks ago Therecord.media
Citizen Lab details ongoing battle against spyware vendors - Citizen Lab senior researcher Bill Marczak said that while the organization has achieved some important wins against spyware proliferation, the progress is inevitably hindered by vendors that continually adapt their technologies and practices. The ...
1 year ago Techtarget.com
US Jury Orders NSO Group to Pay $168 Million to WhatsApp - Meta hailed the verdict as a milestone for digital privacy and security, stating, “Today’s verdict in the WhatsApp case marks a significant advancement for privacy and security, representing the first triumph against the creation and utilization ...
2 weeks ago Cybersecuritynews.com
WhatsApp flaw can let attackers run malicious code on Windows PCs - On January 31, after mitigating the security issue server-side, WhatsApp alerted roughly 90 Android users from over two dozen countries, including Italian journalists and activists who were targeted in Paragon spyware attacks using the zero-click ...
1 month ago Bleepingcomputer.com CVE-2025-30401
US Uses Visa Restrictions in Struggle Against Spyware - The United States will impose visa restrictions on foreign individuals who have been involving the misuse of spyware, the latest effort by the Biden Administration to address the dangers of the commercial software that often is used by governments ...
1 year ago Securityboulevard.com
Spyware isn't going anywhere, and neither are its tactics - The illegal use of spyware to target high-profile or at-risk individuals is a global problem, as highlighted by this article from The Register that Talos' Nick Biasini just contributed to. As we've written about, many Private Sector Offensive Actors ...
1 year ago Blog.talosintelligence.com CVE-2024-23222
Kaspersky Details Method for Detecting Spyware in iOS - Researchers with cybersecurity firm Kaspersky are detailing a lightweight method for detecting the presence of spyware, including The NSO Group's notorious Pegasus software, in Apple iOS devices. The new method, which calls for looking for traces of ...
1 year ago Securityboulevard.com
Paragon Spyware Exploited WhatsApp Zero-day Vulnerability to Attack High-value Targets - Researchers have uncovered extensive evidence linking Israeli firm Paragon Solutions to a sophisticated spyware operation that exploited a zero-day vulnerability in WhatsApp to target journalists and civil society members. The investigation confirmed ...
2 months ago Cybersecuritynews.com
Intellexa and Cytrox: From fixer-upper to Intel Agency-grade spyware - Cisco Talos has a new, in-depth analysis of timelines, operating paradigms and procedures adopted by spyware vendor Intellexa. Talos' analysis revealed that rebooting an iOS or Android device may not always remove the Predator spyware produced by ...
1 year ago Blog.talosintelligence.com
Pegasus Spyware Targets Jordanian Civil Society in Wide-Ranging Attacks - Journalists, lawyers, and human-rights activists in the Middle Eastern nation of Jordan face increased surveillance from the controversial Pegasus spyware app, with nearly three dozen civilians targeted over the past four years. According to an ...
1 year ago Darkreading.com
U.S. rolls out visa restriction policy on people who misuse spyware to target journalists, activists - WASHINGTON - The Biden administration announced Monday it is rolling out a new policy that will allow it to impose visa restrictions on foreign individuals involved in the misuse of commercial spyware. The administration's policy will apply to people ...
1 year ago Pbs.org
US judge rejects NSO's attempt to dismiss Apple lawsuit The Register - A US court has rejected spyware vendor NSO Group's motion to dismiss a lawsuit filed by Apple that alleges the developer violated computer fraud and other laws by infecting customers' iDevices with its surveillance software. Apple sued NSO, developer ...
1 year ago Theregister.com
US to Roll Out Visa Restrictions on People Who Misuse Spyware to Target Journalists, Activists - The Biden administration announced Monday it is rolling out a new policy that will allow it to impose visa restrictions on foreign individuals involved in the misuse of commercial spyware. The administration's policy will apply to people who've been ...
1 year ago Securityweek.com
Intellexa Spyware Adds Persistence with iOS or Android Device - In the shadowy realm of commercial spyware, the spotlight turns to the notorious Intellexa spyware and its Predator/Alien solution, as dissected by Cisco Talos in their comprehensive May 2023 report. This expose navigates the labyrinthine intricacies ...
1 year ago Gbhackers.com
ICE Signs $2 Million Contract With Spyware Maker Paragon Solutions | WIRED - Measures have included placing spyware vendors like NSO Group and Intellexa on the so-called Entity List to prevent any US companies from doing business with them; enacting a visa restriction policy against multiple individuals “who have been ...
7 months ago Wired.com
CVE-2018-16557 - A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 DP V7 (All versions), SIMATIC S7-400 CPU ...
2 years ago
CVE-2018-16556 - A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 DP V7 (All versions), SIMATIC S7-400 CPU ...
2 years ago
WhatsApp Hit with €55 Million Fine for Privacy Violations - WhatsApp is facing an €55 million privacy-related fine from the European Union’s data protection authority for allegedly violating the region's data protection laws. ...
2 years ago Thehackernews.com
Is Your Organization Infected by Mobile Spyware? - The surge in mobile device usage within organizations has inevitably opened the floodgates to a new kind of cyber threat-mobile spyware. The growing dependence on mobile technology has made it imperative for organizations to recognize and mitigate ...
1 year ago Blog.checkpoint.com
WhatsApp's new Advanced Chat Privacy protects sensitive messages - "Today we're introducing our latest layer for privacy called 'Advanced Chat Privacy.' This new setting available in both chats and groups helps prevent others from taking content outside of WhatsApp for when you may want extra privacy," WhatsApp ...
4 weeks ago Bleepingcomputer.com
What is Spyware? How It Works and How to Protect Yourself Against It - Spyware is a type of malicious software that is designed to collect sensitive data from victims without their knowledge or consent. It is typically installed on computers without the user’s knowledge or consent, and collects sensitive information ...
2 years ago Heimdalsecurity.com
CVE-2021-40368 - A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414-2 DP V7 (All versions), ...
2 years ago
Critics of Putin and his allies targeted with spyware inside the EU - At least seven journalists and activists who have been vocal critics of the Kremlin and its allies have been targeted inside the EU by a state using Pegasus, the hacking spyware made by Israel's NSO Group, according to a new report by security ...
11 months ago Packetstormsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)