# Pegasus Case: NSO Hit With $167M Penalty for Hacking WhatsApp Users Like Indian Politicians
In a significant victory for the tech giant, a US jury has awarded Meta, the parent company of WhatsApp, over $167 million in punitive damages and $400,000 in compensatory damages from the NSO group. This comes as part of the ongoing lawsuit filed by Meta against NSO Group in 2019 for exploiting an audio-calling vulnerability present in WhatsApp at the time to plant spyware in users' phones.
The court's ruling is a major blow to NSO Group, a notorious foreign spyware merchant that has been accused of targeting American companies and individuals with its malicious software. "Today, the jury's decision to force NSO, a notorious foreign spyware merchant, to pay damages is a critical deterrent to this malicious industry against their illegal acts aimed at American companies and the privacy and security of the people we serve," said Meta in a press release about the jury's decision.
The lawsuit, which was filed by Meta in 2019, alleged that NSO Group had exploited a vulnerability in WhatsApp's audio-calling feature to install spyware on thousands of devices. The spyware, known as Pegasus, allowed attackers to intercept communication, track user movements, and access sensitive information such as emails, text messages, and financial data.
The impact of the Pegasus attack was felt across 51 countries, with 100 of the victims coming from India. Several high-profile Indian politicians and journalists were targeted by NSO Group, including Congress leader Rahul Gandhi, Minister for Electronics and Information Technology Ashwini Vaishnaw, and Siddharth Vardarajan, Founding Editor of The Wire.
Once the Pegasus software gained access to a user's device, it could remotely turn on the camera and microphone, capturing activity in the vicinity, and use GPS to track the user's movements. Meta explained that this meant attackers had access to "every kind of user data on the phone," including financial information, location data, emails, text messages, and more.
The Pegasus attack was not limited to WhatsApp users alone; NSO Group used various methods to exploit other companies' technologies, manipulating people into downloading malicious code. The NSO Group's tactics are a stark reminder of the ongoing threat posed by cyber espionage and the need for greater vigilance in protecting user privacy and security.
As Meta continues to work towards collecting the damages awarded by the jury, this ruling serves as a critical deterrent against the malicious activities of NSO Group and similar entities. The tech giant has vowed to continue fighting for the rights of its users, ensuring that companies like NSO Group are held accountable for their actions.
Stay informed about the latest developments in this story and other topics by following us on social media or subscribing to our Daily Newsletter.