The FBI has confirmed that The Washington Post that the agency was licensed to use NSO’s Pegasus spyware and had tested the software’s capabilities. The agency insists the software, which is capable of silently infecting phones and accessing camera and microphone feeds, contacts, texts and more, was never used “in support of any investigation”, but the Messages report says there were at least discussions within the FBI and the Department of Justice about how the FBI might deploy the spyware.
Confirmation will come later The New York Times released a sweeping report last week, detailing the FBI’s relationship with the NSO. Not only did the FBI try out the spyware on phones with foreign SIM cards, according to the Afterbut the agency also had discussions about the legality of a version of Pegasus that could be used in the US called Phantom.
It’s a worrying detail – NSO has repeatedly claimed that Pegasus cannot be used on phone numbers with a +1 country code and should only be used in countries outside the US. If Phantom is, as a former NSO employee told Sin, just a brand name for the “same Pegasus,” then the company told the public and law enforcement agencies very different stories. According to the TimeThe FBI decided not to use Pegasus for international or domestic use around the time Forbidden Stories and a coalition of news outlets were distributing dozens of reports about the spyware.
The FBI has no other details of the… Time’ report to the Aftersuch as the claim that it had been given a $5 million bill with NSO and that it had at one point extended a contract for Pegasus. However, the FBI reiterated a statement that it will “routinely identify, evaluate and test technical solutions and issues for a variety of reasons, including potential operational and security issues they could cause in the wrong hands.”
The Time’ report is well worth a read, as it takes an in-depth look at the Israeli government’s approval process for Pegasus and how the tool eventually became more or less a part of the country’s foreign policy. It also takes a look at NSO’s history as a company and details how it went from a startup targeting phone support agents to a spyware company beleaguered by controversy, lawsuits, and reports of government abuse.
Since the first reports came out last summer, NSO has been dealing with almost constant problems. The company was blacklisted by the US government, severely restricting its ability to do business with US-based tech companies. Further investigations also linked the spyware (which may only be sold to government agencies approved by the Israeli government) to the murder of journalist Jamal Khashoggi, the hacking of US State Department phones and political surveillance in Poland. Apple has sued the company for attacking iPhones and the chairman resigned over allegations that Pegasus was being used domestically by Israeli police forces.