Meta said Monday that it caught a spearphishing campaign linked to spyware maker NSO Group despite a court injunction, prompting the tech giant to file a contempt-of-court complaint.

The company won a civil case last year against NSO Group barring it from targeting WhatsApp users and securing $168 million in damages, although NSO Group has been appealing the ruling.

But Meta says NSO Group, makers of the Pegasus spyware, isn’t honoring the permanent injunction.

“We successfully disrupted NSO-linked social engineering attempts, after investigating user reports,” it said in a blog post. “They tried to trick people into clicking on malicious links to drive them to external websites outside of WhatsApp, similar to previously reported 1-click phishing campaigns linked to NSO. We also caught them creating test accounts and groups on WhatsApp, which we took down.”

Meta said the campaign resembled spyware infections that hit journalists and activists in Jordan from 2019 to 2023.

NSO Group didn’t respond to requests for comment about Meta’s accusations.

One top researcher who tracks spyware said NSO Group’s actions are an argument for keeping them on the U.S. sanctions “entity” list that the company has fought to be removed from since its designation in 2021.

“NSO’s own actions make the strongest argument for why they should stay on the Entity list,” John Scott-Railton, senior researcher at the University of Toronto’s Citizen Lab, wrote on social media. “And reaffirm that the decision to put them there was the right one.”

Meta made the same argument.

“When a malicious company on the US government’s Entity List continues to defy US courts, existing restrictions must remain firmly in place,” it said in its blog post. “Easing them would undermine US national security and put American companies and billions of people worldwide who depend on secure communications at risk.”

Lawmakers have sought information on the federal government’s prospective use of NSO Group tech and other kinds of spyware, despite a blacklist, given close ties between the company’s new executive chairman and President Donald Trump.

The post Meta accuses NSO Group of defying spyware injunction, files contempt of court complaint appeared first on CyberScoop.

Interpol coordinated an expansive investigation with 13 countries in the Middle East and North Africa to disrupt and take down cybercrime operations, including phishing services and tools, malware and scams. The law enforcement effort netted 201 arrests, led to the seizure of 53 servers and disrupted multiple cybercrime services, Interpol said Monday.

Operation Ramz, which the law enforcement organization said was the first large-scale effort of its kind in the region, also identified 382 suspects over a four-month period ending in February. The collective countermeasures allowed authorities to pin the various malicious activities to nearly 4,000 victims.

“In a world where cybercriminals exploit the digital landscape without borders, Operation Rams demonstrates the effectiveness of global collaboration,” Neal Jetton, Interpol’s director of cybercrime, said in a statement.

Police in Jordan tracked down a computer involved in financial fraud scams and, during a raid, found 15 people carrying out the scams who were later determined to be victims of human trafficking. The victims were recruited under false promises of employment from their home countries in Asia and had their passports confiscated upon arrival in Jordan, officials said. 

A pair of ringleaders behind the operation, who forced or coerced the victims to participate in the scheme, were arrested, according to Interpol. 

Law enforcement agencies in Algeria dismantled a phishing service by seizing a server and other devices linked to the operation. Moroccan authorities also seized multiple devices containing banking data and software for phishing operations.

Officials in Oman remediated a server containing sensitive information that was infected with malware, and compromised by vulnerabilities. Meanwhile, investigators in Qatar identified and secured multiple compromised devices that were being used, unbeknownst to their owners, of spreading malicious threats. 

Authorities involved in the months-long effort gathered almost 8,000 pieces of data that was shared among participating countries to support ongoing investigations.

Operation Ramz was supported by Algeria, Bahrain, Egypt, Iraq, Jordan, Lebanon, Libya, Morocco, Oman, Palestine, Qatar, Tunisia and the United Arab Emirates. Multiple companies and organizations also helped Interpol track illegal cyber activities and identify malicious servers, including Group-IB, Kaspersky, the Shadowserver Foundation, Team Cymru and Trend Micro. 

“Interpol is dedicated to working with its member countries and private sector partners to take down malicious infrastructure, disrupt criminal groups and bring perpetrators to justice,” Jetton said.

The post Interpol leads cybercrime crackdown across 13 countries in Middle East, North Africa appeared first on CyberScoop.