WhatsApp Wins $167 Million Verdict Against NSO Group for 2019 Spyware Attacks
After a five-year legal battle, WhatsApp won a $167 million verdict against spyware maker NSO Group for exploiting a 2019 vulnerability to hack over 1,400 users. The ruling marks a historic victory against illegal spyware targeting activists and journalists, reinforcing privacy and security protections. NSO Group may appeal, but the case sets a critical precedent against malicious surveillance.
In a landmark legal victory, WhatsApp has been awarded over $167 million in damages from NSO Group, the notorious spyware maker responsible for a 2019 hacking campaign targeting more than 1,400 users worldwide. This ruling comes after a protracted five-year legal battle and highlights the growing global concern over illegal surveillance and privacy violations.
The jury ordered NSO Group to pay $167,256,000 in punitive damages and approximately $444,719 in compensatory damages to WhatsApp. The compensatory damages reflect the extensive efforts WhatsApp employees dedicated to investigating the attacks, remediating vulnerabilities, and deploying security patches to protect users from further exploitation.
WhatsApp’s spokesperson, Zade Alsawah, hailed the verdict as a historic step forward in combating illegal spyware that threatens the safety and privacy of individuals globally. Alsawah emphasized that the ruling serves as a critical deterrent to the spyware industry, which often targets American companies and undermines user security.
Despite the verdict, NSO Group’s spokesperson Gil Lainer indicated the company may appeal, stating they will review the details and pursue further legal remedies. This underscores the ongoing challenges in holding spyware vendors accountable through legal channels.
The lawsuit revealed critical details about the 2019 spyware campaign, including the identities of some victims—dissidents, human rights activists, and journalists—and some of NSO Group’s customers. WhatsApp originally filed the lawsuit in 2019 after discovering that NSO exploited an audio-calling vulnerability in the app to conduct unauthorized surveillance.
Will Cathcart, WhatsApp’s head, described the lawsuit as a wake-up call for technology companies, governments, and internet users about the dangers of surveillance tools falling into irresponsible hands. He stressed the risk these tools pose to privacy and security worldwide.
In December, a federal judge ruled NSO Group liable for violating hacking laws and WhatsApp’s terms of service, which prohibit malicious use of the platform. This ruling paved the way for the jury trial that determined the damages now awarded.
Experts like John Scott-Railton of Citizen Lab praised the verdict as a significant blow to NSO’s business model, which profits from enabling authoritarian regimes to hack dissidents. The swift jury decision after years of legal maneuvering highlights the growing intolerance for mercenary spyware.
This case sets a precedent for holding spyware vendors accountable and reinforces the importance of robust cybersecurity measures to protect user privacy. It also signals to technology companies and governments the critical need to address vulnerabilities proactively and resist the proliferation of illegal surveillance tools.
AI Tools Built for Agencies That Move Fast.
QuarkyByte empowers cybersecurity leaders with in-depth analysis and actionable insights on spyware threats and legal precedents. Explore our expert resources to understand how to defend your platforms against sophisticated attacks and safeguard user privacy in an evolving threat landscape.