A California federal judge ruled Friday that Israeli spyware developer NSO Group is liable for hacking into 1,400 WhatsApp users’ devices using its Pegasus spyware, granting WhatsApp a significant win in its long-standing legal battle. The decision resolves liability issues, leaving damages as the sole matter to be addressed at trial.
WhatsApp Claims Victory in Hacking Case
U.S. District Judge Phyllis J. Hamilton granted summary judgment in favor of WhatsApp, a Meta Platforms Inc. subsidiary, on claims that NSO violated federal law by accessing WhatsApp servers without authorization. Judge Hamilton found NSO’s actions violated the Computer Fraud and Abuse Act and WhatsApp’s terms of service, which prohibit harmful conduct such as reverse engineering and unauthorized access.
“Defendants appear to fully acknowledge that the [WhatsApp Installation Server] sent messages through WhatsApp servers that caused Pegasus to be installed on target users’ devices,” Judge Hamilton wrote. “The WIS was then able to obtain protected information by having it sent from the target users, through the WhatsApp servers, and back to the WIS.”
Breach of Contract and Discovery Violations
The court also ruled that NSO breached WhatsApp’s terms of service by reverse-engineering its software to deploy Pegasus. Judge Hamilton dismissed NSO’s claims that it could have accessed the platform without agreeing to the terms, describing this argument as lacking plausibility.
