Meta Platforms has escalated its long-running legal battle with Israeli spyware company NSO Group, filing a federal court motion for contempt on Monday after allegedly discovering new spear-phishing attempts linked to the controversial firm targeting WhatsApp users.
The social media giant said its messaging service recently disrupted fresh attacks that mirrored previous “1-click” phishing campaigns, in which users are tricked into clicking malicious links that can compromise their devices without requiring passwords or further interaction. Meta said it took down test accounts and groups created by NSO on its platform as part of the response.
“These attempts were similar to previous ‘1-click phishing campaigns’ aimed to trick users into clicking malicious links and direct them to external websites,” the company said in a blog post.
Register for Tekedia Mini-MBA edition 20 (June 8 – Sept 5, 2026).
Register for Tekedia AI in Business Masterclass.
Join Tekedia Capital Syndicate and co-invest in great global startups.
Register for Tekedia AI Lab.
The move comes after a U.S. court issued a permanent injunction last year barring NSO from targeting WhatsApp or its users. While the court significantly reduced the punitive damages NSO owed Meta, from an initial $167 million down to $4 million, the injunction itself was viewed as a major blow to the spyware firm, which has faced widespread accusations of enabling human rights abuses through its Pegasus tool.
Meta’s latest filing accuses NSO of violating that permanent injunction. The company said the new attempts were part of a pattern of behavior it has been monitoring closely. By seeking contempt charges, Meta is signaling it will not tolerate continued efforts to undermine the security of its platforms, even from sophisticated state-linked actors.
NSO Group, which has been blacklisted by the U.S. government for activities “contrary to the national security or foreign policy interests of the United States,” has long maintained that its tools are intended only for legitimate law enforcement and intelligence purposes against terrorists and criminals. However, investigations by Amnesty International, Citizen Lab, and others have repeatedly linked Pegasus to the targeting of journalists, activists, opposition figures, and human rights defenders around the world.
Meta’s action also underscores the ongoing arms race between platform defenders and offensive cyber tools. “1-click” attacks are particularly dangerous because they require minimal user interaction, making them effective even against cautious targets. WhatsApp’s end-to-end encryption provides strong privacy protections, but sophisticated actors continue to probe for weaknesses in the broader ecosystem, including through social engineering and zero-click or one-click exploits.
Last month, Meta was joined by 12 prominent civil rights organizations, security researchers, privacy advocates, and digital rights experts who filed amicus briefs supporting the permanent injunction and opposing NSO’s appeal. This coalition indicates growing concern over the proliferation of commercial spyware and its potential for abuse by both authoritarian and democratic governments.
The legal fight serves multiple purposes for Meta, which includes protecting its users, bolstering the security of one of the world’s largest messaging platforms (with over 2 billion daily users), and sending a strong signal to other surveillance vendors. The company has invested heavily in security, encryption, and threat intelligence in recent years, partly in response to high-profile spyware incidents.
This latest chapter fits into a larger pattern. Tech companies like Meta, Apple, and Google have increasingly clashed with governments and spyware firms over encryption, backdoors, and user privacy. Apple has sued NSO in the past, and WhatsApp itself has taken legal action to protect its users.
These efforts underpin a growing recognition that commercial spyware poses systemic risks to democratic norms, journalist safety, and civil society.
At the same time, law enforcement agencies worldwide argue they need powerful tools to combat serious crime and terrorism in an encrypted world. This makes it difficult to strike the right balance, and cases like Meta vs. NSO often become proxies for larger debates about sovereignty, security, and human rights in the digital age.
As spyware capabilities grow more sophisticated, the cat-and-mouse game between platforms and attackers is likely to intensify, with significant implications for privacy, security, and trust in digital services. Meta’s contempt motion is expected to keep pressure on NSO while the appeal process continues.