Contact us
Contact us

News

About

Home Crypto News Meta blocks NSO-linked WhatsApp phishing, files contempt order

Meta blocks NSO-linked WhatsApp phishing, files contempt order

Author Whitewallet Research
Posted: 8 June 2026, 18:03 CET 2 min read

Meta announced it blocked NSO-linked spear-phishing on WhatsApp, removed test accounts and domains, and filed a federal contempt order alleging violation of a court injunction.

Meta announced Monday that it detected and blocked spear-phishing attempts tied to NSO Group on WhatsApp. The company removed test accounts and groups, took down linked domains and filed a federal contempt order alleging NSO violated a permanent court injunction that barred it from targeting WhatsApp and its users.

Meta described the activity as messages designed to trick recipients into clicking malicious links that redirected to external websites, a method similar to earlier one-click phishing campaigns attributed to NSO. The company identified domains associated with the operation as fr24cast.com, ghazacast.com and ikhwancast.com and said the test accounts and groups were removed after detection.

The contempt filing was submitted in federal court. In related litigation last year a U.S. court ordered about $168 million in damages after finding NSO had exploited WhatsApp servers to deploy Pegasus spyware against more than 1,400 individuals worldwide. In 2021 the U.S. Commerce Department added NSO to a blocklist for activities it said were contrary to U.S. national security or foreign policy interests.

Meta said WhatsApp continues to protect users’ personal messages and calls with default end-to-end encryption. The company urged people to keep apps and devices up to date and to report suspicious activity so it can investigate and take action.

Users who believe they face elevated risk were told to enable WhatsApp’s strict account settings to harden their accounts. Those settings turn on two-step verification, disable link previews, limit profile details such as last seen, online status and profile photo to contacts only or a pre-established list, and restrict who can add the account to groups. “Strict account settings are an advanced security feature that turns on privacy and security controls to help protect accounts from sophisticated cyber attacks,” Meta’s help document states.

Meta did not disclose whether any WhatsApp users were successfully compromised in the recent activity it blocked. NSO Group has previously denied wrongdoing in public responses to legal actions and sanctions.

Whitewallet Research
Author

Articles by this author

Malware in Pirated PC Games Steals Passwords and Crypto
Malware in Pirated PC Games Steals Passwords and Crypto
jun 8
Armstrong: Energy and Compute, Not Models, Will Cap AI Growth
Armstrong: Energy and Compute, Not Models, Will Cap AI Growth
jun 8
Custodial vs non-custodial wallet
Custodial vs non-custodial wallet
may 30
What is a crypto seed phrase
What is a crypto seed phrase
may 25
Seed phrase vs private key
Seed phrase vs private key
may 21

Latest News

MORE
Adam Back: Bitcoin won’t fire miners; Dashjr readies fork

Adam Back: Bitcoin won’t fire miners; Dashjr readies fork

jun 12 2 min read
Coinbase Lets AI Agents Trade Inside User-Controlled Limits

Coinbase Lets AI Agents Trade Inside User-Controlled Limits

jun 12 2 min read
Hackers Impersonate ChatGPT, Claude and DeepSeek

Hackers Impersonate ChatGPT, Claude and DeepSeek

jun 11 2 min read
Delaware advances bill to ban crypto ATMs after scam surge

Delaware advances bill to ban crypto ATMs after scam surge

jun 11 2 min read
MORE