News: 0183662414

  ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

WhatsApp Catches Spyware Firm NSO Defying No-Hacking Court Order (securityweek.com)

(Monday June 08, 2026 @05:00PM (BeauHD) from the tisk-tisk dept.)


[1]wiredmikey shares a report from SecurityWeek:

> Meta-owned communications app WhatsApp says it recently detected and disrupted a spear-phishing attempt [2]linked to spyware company NSO Group . The attack is allegedly in defiance of a court order that bars the spyware maker from targeting WhatsApp. WhatsApp filed a lawsuit against NSO in 2019, after it came to light that a zero-day vulnerability had been [3]exploited to deliver spyware to users. [...] NSO has been seeking to overturn the order blocking it from targeting WhatsApp users, arguing that the company will "suffer irreparable harm."

>

> According to WhatsApp, the spyware maker has violated the permanent injunction. The messaging app reported on Monday that it had recently learned of a social engineering attack that attempted to trick users into clicking on malicious links. WhatsApp has only shared a few domains as an indicator of compromise (IoC), but says it was able to link the attack to NSO, pointing to similarities to previously reported one-click phishing campaigns tied to the spyware company. WhatsApp says it also caught the attackers creating test accounts and groups. Those accounts and groups have been disabled, but further action is also being taken.

WhatsApp [4]says it is asking a federal court to hold NSO in contempt for allegedly violating a permanent injunction barring it from targeting WhatsApp and its users. The company also said it is making a "significant contribution" to the [5]Spyware Accountability Initiative , a fund aimed at exposing and stopping spyware abuse.



[1] https://slashdot.org/~wiredmikey

[2] https://www.securityweek.com/whatsapp-catches-spyware-firm-nso-defying-no-hacking-court-order/

[3] https://tech.slashdot.org/story/19/05/14/0334243/israeli-firm-tied-to-tool-that-uses-whatsapp-flaw-to-spy-on-activists

[4] https://about.fb.com/news/2026/06/fighting-spyware-an-update-from-whatsapp/

[5] https://stopspyware.fund/


Re: (Score:1)

by Anonymous Coward

If we can bomb Iran we can bomb the NSO (except they have their hands in our pockets).

Re: (Score:2)

by Vlad_the_Inhaler ( 32958 )

Sanctions against the employees, blacklisting their products in the US and allied countries. Think of what was unleashed on Huawei after vague "they could be" allegations, these ones are "they are" and the company has already made it clear that their business model is at least partially dependent on spearfishing WhatsApp.

Re:No jurisdiction (Score:4, Informative)

by jd ( 1658 )

Incorrect. Computer misuse within the US, regardless of where the individuals who are doing the misusing are located, is under US jurisdiction. This is long-established. Laws dealing with multi-jurisdictional issues (such as patents/copyrights, illicit interstate commerce, sex tourism, computer misuse) are old-hat.

Attacking US servers located in US territory is an attack carried out within the US, regardless of where the keyboard warrior is.

Now, if the servers attacked are in Ireland, then they're also covered by EU jurisdiction (no matter what the US likes to think).

The law is the law, and nobody, in any nation, is immune. A fact a lot of nations like to pretend they're somehow immune to. They aren't and there will always be a price to pay for such cavalier attitudes.

Re: (Score:2)

by gweihir ( 88907 )

Indeed. But there are always countless lawless assholes that hink the laws of other countries can be ignored, even when committing crimes in those same other countries. If the perpetrators and the crime are in different countries, extradition treaties come into play. Incidentally, there is an active extradition treaty between Israel and the United States.

If civil law is concerned, then the other treaties can apply or if the perpetrators have a business unit in the country the crime is committed in, that can

Comical (Score:3)

by RitchCraft ( 6454710 )

A spyware company trying to stop another spyware company. It's the modern day equivalent of Spy vs. Spy.

"the company will "suffer irreparable harm." (Score:4, Funny)

by oic0 ( 1864384 )

Are anyone's feelings hurt if an Israeli spyware company goes under?

Re: (Score:3)

by ArchieBunker ( 132337 )

Yes, [1]https://www.aipac.org/ [aipac.org]

[1] https://www.aipac.org/

Re: (Score:2)

by Himmy32 ( 650060 )

> In October 2025, NSO Group confirmed that a group of US-based investors, led by film producer Robert Simonds, had acquired a controlling interest in the company.

Or a company owned by the guy who inflicted [1]Adam Sandler comedies [wikipedia.org] on us.

[1] https://en.wikipedia.org/wiki/Robert_Simonds#As_producer

Bomb 'Em (Score:4, Informative)

by Bahbus ( 1180627 )

I can only hope NSO Group and every single employee gets bombed by Iran or whoever else Israel has pissed off.

What did you expect? (Score:2)

by kmoser ( 1469707 )

Ordinary citizen gets caught spearphishing: prosecution. Company gets caught spearphishing: nothing.

I'm shocked, shocked (Score:1)

by Anonymous Coward

That a company based in the zionist state is breaking whatever rules it can. No wait, what's the opposite of "shocked"?

Banectomy, n.:
The removal of bruises on a banana.
-- Rich Hall, "Sniglets"