CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◇ Industry News & Leadership Jun 08, 2026

Meta Blocks NSO Group's New WhatsApp Phishing Attack, Files Contempt Order

The Hacker News Archived Jun 08, 2026 ✓ Full text saved

Meta on Monday said it detected and blocked spear-phishing attempts linked to Israeli spyware vendor NSO Group. In addition, the tech giant said it's filing a federal court contempt order against the company for violating a permanent injunction that barred it from targeting WhatsApp and its users. "They tried to trick people into clicking on malicious links to drive them to external websites

Full text archived locally
✦ AI Summary · Claude Sonnet


    Meta Blocks NSO Group's New WhatsApp Phishing Attack, Files Contempt Order Ravie LakshmananJun 08, 2026Spyware / Mobile Security Meta on Monday said it detected and blocked spear-phishing attempts linked to Israeli spyware vendor NSO Group. In addition, the tech giant said it's filing a federal court contempt order against the company for violating a permanent injunction that barred it from targeting WhatsApp and its users. "They tried to trick people into clicking on malicious links to drive them to external websites outside of WhatsApp, similar to previously reported 1-click phishing campaigns linked to NSO," Meta said. The social media company also said it caught NSO Group creating test accounts and groups on WhatsApp. They have since been taken down by Meta. The list of malicious domains linked to the activity is listed below - fr24cast[.]com ghazacast[.]com ikhwancast[.]com The development comes a year after NSO Group was fined approximately $168 million in monetary damages, after a U.S. court found the company to have violated U.S. laws by exploiting WhatsApp servers to deploy Pegasus spyware targeting over 1,400 individuals globally. In 2021, the company was also added to a U.S. Commerce Department blocklist for engaging in activities that are "contrary to the national security or foreign policy interests of the United States." "As always, WhatsApp users' personal messages and calls remain protected with default end-to-end encryption," Meta said. "We encourage people to keep their apps and devices up to date and report suspicious activity so we can quickly investigate and take action." Users who believe they may be at elevated risk of sophisticated cyber attacks because of who they are and what they do are recommended to enable strict account settings to harden their accounts. The feature reduces the attack surface by locking the account to more private settings, such as follows - Two-step verification is turned on. Link previews are turned off. Last seen and online, profile photo, About details, and profile links are locked to contacts only or to a pre-established list of people. Only known contacts or a pre-established list of people can be added to groups. "Strict account settings are an advanced security feature that turns on privacy and security controls to help protect accounts from sophisticated cyber attacks," Meta notes in its help document. "Strict account settings are an optional, lockdown-style security feature that, when enabled, reduces your vulnerability to cyber attack by limiting functionality." Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post. SHARE     Tweet Share Share SHARE  cybersecurity, end-to-end encryption, Meta, NSO Group, Pegasus, Phishing, Spear Phishing, Spyware, WhatsApp ⚡ Top Stories This Week Malicious npm Package Stole Files From Claude AI User Directory via GitHub Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites ⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit Load More ▼ ⭐ Featured Resources Learn How to Stop Attacks Before They Reach Your EDR – With PHASR Your Employees Are Using AI in Ways You Can’t See – 2026 State of AI Report Watch AI Turn Vulnerabilities Into Working Exploits in Minutes (See the Demo) [Guide] The Real Security Risks of Shadow AI (And Where You’re Exposed)
    💬 Team Notes
    Article Info
    Source
    The Hacker News
    Category
    ◇ Industry News & Leadership
    Published
    Jun 08, 2026
    Archived
    Jun 08, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗