Table of Contents
Judge Finds NSO Group Liable for Hacking WhatsApp: A Historic Ruling
The Article Tells The Story of:
- NSO Group Liable: A U.S. court ruled NSO Group violated hacking laws with its Pegasus spyware targeting 1,400 WhatsApp users.
- WhatsApp’s Victory: Meta and WhatsApp won the case, accusing NSO of exploiting their servers to hack journalists and activists.
- Court Sanctions: The court penalized NSO for withholding key evidence, including the Pegasus source code.
- Legal Precedent: This ruling sets a precedent for holding spyware firms accountable under U.S. law.
WhatsApp’s Lawsuit Against NSO Group
A federal judge in California has ruled that the judge finds NSO Group liable for hacking WhatsApp users through unauthorized malware distribution. The NSO Group, maker of Pegasus spyware, now faces a landmark legal defeat. WhatsApp and its parent company, Meta, filed the lawsuit in 2019, accusing the Israeli surveillance firm of infecting 1,400 devices across 20 countries. Victims included journalists, human rights activists, political dissidents, and prominent female leaders.
District Judge Phyllis Hamilton determined that the NSO Group violated the U.S. Computer Fraud and Abuse Act (CFAA) by using WhatsApp servers to spread malware. The spyware enabled Pegasus to infiltrate users’ devices without requiring any action from the targets, such as answering a call or clicking a link.
Check Out similar Article of Snowflake Account Hacks Linked to Santander and Ticketmaster Breaches June 2, 2024 – SquaredTech
NSO Group’s Defense and Court Findings
The NSO Group denied any wrongdoing, claiming its tools were sold only to licensed government agencies for combating terrorism and serious crime. The company argued that it should not be held accountable for how clients used its services. However, in 2020, Meta escalated the case, alleging that NSO used U.S.-based servers to conduct its spyware attacks.
Judge Hamilton rejected NSO’s defense, citing the company’s acknowledgment that its clients used modified WhatsApp programs to send messages through legitimate WhatsApp servers. These messages delivered the Pegasus spyware to user devices. The court also sanctioned NSO for failing to provide crucial evidence, including the Pegasus source code. This finding that the judge finds NSO Group liable for hacking WhatsApp reinforces how seriously U.S. courts treat unauthorized surveillance.
Check Out similar Article of 11 Million Android Users Targeted by Necro Trojan September 25, 2024 – SquaredTech
Implications of the Ruling
WhatsApp spokesperson Carl Woog called the ruling a significant step in holding spyware companies accountable. He stated, “This decision shows that illegal actions by spyware vendors will not be tolerated.”
The court’s ruling resolves all liability issues for NSO Group. A trial will determine the damages the company must pay. This landmark decision is the first to recognize a major spyware vendor’s violation of U.S. hacking laws. It sets a precedent that could impact other spyware firms and reinforce legal protections against cyber-surveillance abuses.
This case highlights growing concerns about the misuse of surveillance technology and its implications for privacy, journalism, and civil rights worldwide. The fact that a judge finds NSO Group liable for hacking WhatsApp sends a clear warning to the broader surveillance industry.
Why the Judge Finds NSO Group Liable for Hacking WhatsApp Matters Globally
The ramifications of this ruling extend well beyond the courtroom. When a judge finds NSO Group liable for hacking WhatsApp, it signals to governments, technology companies, and civil liberties organizations that commercial spyware vendors are not above the law. For years, firms like NSO operated in a legal gray zone, selling powerful intrusion tools to state clients while distancing themselves from how those tools were deployed.
This verdict challenges that model directly. By holding NSO accountable under the U.S. Computer Fraud and Abuse Act, the court established that routing attacks through American servers — even when the ultimate operator is a foreign government — can expose a vendor to U.S. jurisdiction. That principle alone could reshape how surveillance companies structure their technical infrastructure going forward.
Civil liberties advocates have long argued that tools like Pegasus pose an existential threat to press freedom and political dissent. The 1,400 targeted individuals were not criminals; many were journalists and human rights defenders doing vital work. A ruling confirming that a judge finds NSO Group liable for hacking WhatsApp gives these communities a legal framework to pursue accountability in future cases.
Damages will be decided at trial, but the reputational and financial pressure on NSO is already substantial. The company was placed on a U.S. export blacklist in 2021, limiting its ability to acquire American technology. This court decision compounds that pressure and may accelerate the company’s decline or force a significant restructuring of how it operates and who it serves.
Stay Updated: Tech News

