When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

WhatsApp slams Isreali firm, NSO Group, for trying to spy on its users

NSO Group violated its 2025 WhatsApp injunction with new spear-phishing attacks. WhatsApp blocked them and is taking the firm back to court.

Neowin · with 1 comment

WhatsApp logo

WhatsApp has come out accusing Israeli cyber-intelligence firm, NSO Group, of deploying a fresh wave of highly targeted "spear phishing" attacks against users, which its security teams successfully thwarted.

The Israeli firm, according to WhatsApp, ran this operation like its usual one-click phishing campaigns, trying to get people to click malicious links that lead them to external sites. To coordinate the campaign, the spyware vendor created fake test accounts and groups on the messaging app. WhatsApp said it is sharing the specific malicious domains, ikhwancast[.]com, ghazacast[.]com, and fr24cast[.]com, because potential victims need this data to check if they were targeted across other messaging systems or email platforms.

The NSO Group is infamous for creating and selling Pegasus, a military-grade commercial spyware capable of silently compromising smartphones simply by sending a message or placing a missed call via apps like WhatsApp or iMessage. Users do not even have to interact with the incoming notification before the infection takes hold. Once Pegasus manages to break in, the spyware harvests private data, letting operators read private messages, emails, photos, and documents. It also tracks precise GPS locations, records keystrokes, activates the device's camera, and monitors live microphone audio.

Independent investigations by cybersecurity watchdogs like The Citizen Lab and human rights organizations like Amnesty International have proven that governments use this software to track humanitarian workers, journalists, diplomats, and political dissidents. These findings directly contradict NSO Group claims that clients use the technology to spy on criminals and terrorists only. In late 2021, the U.S. Department of Commerce added the firm to its Entity List, effectively banning the vendor from buying hardware and software from American tech companies.

WhatsApp said in its blog post that the spyware vendor violated a permanent court injunction with this new spear-phishing campaign. This injunction, which took effect in 2025, strictly prohibited NSO Group from targeting WhatsApp and its users. The platform is now asking a federal court to hold the firm in contempt.

JetBrains logo
Next Article

JetBrains launches Rider 2026.2 EAP 5, bringing several AI improvements

Apple Child Safety Features 2026
Previous Article

Apple launches new website for parents and a revamped Screen Time experience

1 Comment

Load the comments and join the conversation!

Read the comments, ask the editors questions, show respect and join the conversation.

Click here