Fresh concerns around digital security have emerged after Meta revealed that it successfully disrupted a new phishing campaign aimed at WhatsApp users. The company claims the attacks were linked to an entity associated with the NSO Group, the surveillance technology firm known for its Pegasus spyware.
According to Meta, the attack involved sophisticated “spear phishing” and social engineering tactics designed to trick users into clicking malicious links. These links reportedly redirected victims to external websites that could potentially compromise their security.
The company said it became aware of the activity after receiving reports from users. Following an investigation, Meta identified and blocked multiple malicious operations connected to the campaign.
Meta further stated that the attackers created test accounts and groups on WhatsApp as part of their efforts. These accounts have since been removed from the platform. The company also disclosed 3 malicious domains linked to the campaign, enabling users to check whether they may have been targeted through WhatsApp messages, emails, or text messages.
According to the company, the latest activity appears similar to previously reported “1-click phishing campaigns” allegedly linked to the same spyware network.
The development carries legal implications as well. Meta claims the new attacks may violate a 2025 court injunction that prohibited the NSO Group from targeting WhatsApp users in the future. The company now plans to approach the US District Court and request that the surveillance firm be held in contempt of court.
The legal dispute between the two companies has been ongoing for several years. In 2024, a US District Court ruled in Meta’s favour, finding the NSO Group in violation of the Computer Fraud and Abuse Act (CFAA) and California’s Comprehensive Computer Data Access and Fraud Act (CDAFA). A separate hearing in 2025 later determined compensation and resulted in an injunction against future attacks targeting WhatsApp users.
The latest incident highlights the growing challenges technology companies face in protecting users from increasingly sophisticated cyber threats and phishing campaigns.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream LinkedIn | The Mainstream Facebook | The Mainstream Youtube | The Mainstream Twitter
About us:
The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.