In a courtroom showdown that’s sending ripples through the tech world, Meta has clinched a staggering $167.25 million victory against NSO Group, the Israeli company behind the infamous Pegasus spyware.

A U.S. federal jury delivered the verdict, holding NSO accountable for hacking into WhatsApp and targeting 1,400 users, including journalists, activists, and government officials.

This ruling, rooted in a 2019 lawsuit, isn’t just a win for Meta—it’s a bold statement against the shadowy world of digital surveillance.

The Pegasus Plot Unraveled

The saga began when Meta’s WhatsApp team uncovered a chilling exploit in their platform’s audio-calling feature. Pegasus, NSO’s flagship spyware, could silently infiltrate a phone through a missed video call—no clicks, no trace.

Researchers at Citizen Lab first sounded the alarm in 2019, revealing how this “zero-click” attack compromised devices across 20 countries. Later, court filings exposed the scale: 1,223 victims in 51 nations, with India alone reporting 100 targets.

Pegasus isn’t your average malware. Once inside, it’s a digital skeleton key, unlocking encrypted chats, emails, and location data. It can even hijack a phone’s camera or microphone, turning a personal device into a spy.

NSO pitched it as a tool for governments to fight crime, but the Pegasus Project revealed a darker truth: its clients, often state actors, used it to snoop on dissidents, reporters, and political rivals.

The case took a decisive turn in December 2024 when Judge Phyllis Hamilton ruled that NSO had illegally reverse-engineered WhatsApp’s software to unleash Pegasus, a finding backed by the 9th U.S. Circuit Court of Appeals. The jury’s recent $167.25 million award is a gut punch to NSO’s finances and reputation.

NSO’s defense? They claimed Pegasus was a government tool, and they weren’t responsible for how clients wielded it. But WhatsApp’s lawyers, armed with unsealed evidence, proved NSO was hands-on, managing the spyware’s deployment. NSO’s refusal to hand over Pegasus’s source code, despite court orders, only dug their hole deeper.

Why This Matters

This verdict is a game-changer. John Scott-Railton from Citizen Lab called it a “landmark” moment, per Reuters, signaling trouble for the spyware industry. It’s a rare win for privacy in an era where surveillance tech often outpaces regulation.

The ruling also puts pressure on governments cozying up to firms like NSO, which was blacklisted by the U.S. Commerce Department in 2021 for endangering national security.

The case shines a spotlight on spyware’s global reach. From European Parliament probes to reports of Pegasus targeting Spanish politicians, the misuse is rampant.

Yet NSO, through spokesperson Gil Lainer, insists it’s appealing, claiming Pegasus spares U.S. numbers—a claim that rings hollow given its worldwide footprint, as noted by Engadget.

Meta’s Next Move

Meta is not done. They’re pushing for a court injunction to block future attacks, a move that could reshape how tech giants tackle spyware. WhatsApp’s efforts to alert victims and pursue justice have earned praise from groups like Amnesty International, which recently flagged Pegasus attacks on Serbian media. This case shows Big Tech can fight back—and win.

The Bigger Picture

This isn’t just Meta’s fight. Apple’s suing NSO over iPhone hacks, and other spyware firms, like Candiru, are under U.S. sanctions. The Pegasus Project has galvanized global action, exposing how spyware exploits gaps in digital defenses.

It’s a wake-up call for everyday users: keep your apps updated and be wary of odd calls or messages. WhatsApp patched the flaw in 2019, but zero-click attacks remain a lurking threat.

In a courtroom showdown that’s sending ripples through the tech world, Meta has clinched a staggering $167.25 million victory against NSO Group, the Israeli company behind the infamous Pegasus spyware.

A U.S. federal jury delivered the verdict, holding NSO accountable for hacking into WhatsApp and targeting 1,400 users, including journalists, activists, and government officials.

This ruling, rooted in a 2019 lawsuit, isn’t just a win for Meta—it’s a bold statement against the shadowy world of digital surveillance.

The Pegasus Plot Unraveled

The saga began when Meta’s WhatsApp team uncovered a chilling exploit in their platform’s audio-calling feature. Pegasus, NSO’s flagship spyware, could silently infiltrate a phone through a missed video call—no clicks, no trace.

Researchers at Citizen Lab first sounded the alarm in 2019, revealing how this “zero-click” attack compromised devices across 20 countries. Later, court filings exposed the scale: 1,223 victims in 51 nations, with India alone reporting 100 targets.

Pegasus isn’t your average malware. Once inside, it’s a digital skeleton key, unlocking encrypted chats, emails, and location data. It can even hijack a phone’s camera or microphone, turning a personal device into a spy.

NSO pitched it as a tool for governments to fight crime, but the Pegasus Project revealed a darker truth: its clients, often state actors, used it to snoop on dissidents, reporters, and political rivals.

The case took a decisive turn in December 2024 when Judge Phyllis Hamilton ruled that NSO had illegally reverse-engineered WhatsApp’s software to unleash Pegasus, a finding backed by the 9th U.S. Circuit Court of Appeals. The jury’s recent $167.25 million award is a gut punch to NSO’s finances and reputation.

NSO’s defense? They claimed Pegasus was a government tool, and they weren’t responsible for how clients wielded it. But WhatsApp’s lawyers, armed with unsealed evidence, proved NSO was hands-on, managing the spyware’s deployment. NSO’s refusal to hand over Pegasus’s source code, despite court orders, only dug their hole deeper.

Why This Matters

This verdict is a game-changer. John Scott-Railton from Citizen Lab called it a “landmark” moment, per Reuters, signaling trouble for the spyware industry. It’s a rare win for privacy in an era where surveillance tech often outpaces regulation.

The ruling also puts pressure on governments cozying up to firms like NSO, which was blacklisted by the U.S. Commerce Department in 2021 for endangering national security.

The case shines a spotlight on spyware’s global reach. From European Parliament probes to reports of Pegasus targeting Spanish politicians, the misuse is rampant.

Yet NSO, through spokesperson Gil Lainer, insists it’s appealing, claiming Pegasus spares U.S. numbers—a claim that rings hollow given its worldwide footprint, as noted by Engadget.

Meta’s Next Move

Meta is not done. They’re pushing for a court injunction to block future attacks, a move that could reshape how tech giants tackle spyware. WhatsApp’s efforts to alert victims and pursue justice have earned praise from groups like Amnesty International, which recently flagged Pegasus attacks on Serbian media. This case shows Big Tech can fight back—and win.

The Bigger Picture

This isn’t just Meta’s fight. Apple’s suing NSO over iPhone hacks, and other spyware firms, like Candiru, are under U.S. sanctions. The Pegasus Project has galvanized global action, exposing how spyware exploits gaps in digital defenses.

It’s a wake-up call for everyday users: keep your apps updated and be wary of odd calls or messages. WhatsApp patched the flaw in 2019, but zero-click attacks remain a lurking threat.