FBI Admits Procurement Of NSO’s Pegasus For ‘Product Testing’

The Federal Bureau of Investigation (FBI) has made the startling admission that it obtained NSO Group’s powerful Pegasus spyware.

However, the FBI says it has never used the spyware in any investigation, and only “procured a limited licence for product testing and evaluation only.”

It comes amid a debate about the future of Pegasus itself. In December Israeli surveillance specialist NSO was said to be exploring its options that included shutting its Pegasus unit or selling the entire company, such is the level of controversy surrounding the infamous spyware.

FBI Pegasus

The FBI made the admission that it had purchased Pegasus during the administration of former President Donald Trump in 2019 to the Guardian newspaper.

It said it bought access to the surveillance tool to “stay abreast of emerging technologies and tradecraft”.

In a statement released to the Guardian, the FBI said it had procured a “limited licence” to access Pegasus for “product testing and evaluation only”, and suggested that its evaluation of the tool partly related to security concerns if the spyware fell into the “wrong hands”.

The FBI also claimed it had never used Pegasus in support of any FBI investigation.

The admission that the FBI had acquired Pegasus in 2019 is a stunning development.

It is even more remarkable when it is remembered that in November 2021, the Biden administration placed NSO on its Entity List, due to the furore surrounding the Pegasus spyware.

NSO was placed on the US commerce department blacklist in 2021, due to evidence the company’s hacking tools had enabled governments around the world to conduct “transnational repression”, targeting dissidents and journalists.

This US blacklisting resulted in NSO’s incoming CEO quitting the following week.

NSO control

According to the Guardian, once deployed, the user of Pegasus spyware can take complete control of a person’s phone, accessing messages, intercepting phone calls and using the phone as a remote listening device.

A person with close knowledge of the FBI deal told the Guardian that it occurred after a “long process” of negotiations between US officials and NSO.

There was reportedly a disagreement between the FBI and NSO over how much control NSO would retain over its software.

The source told the Guardian that NSO usually kept sensors on its technology so that the company could be alerted in Israel if the technology was moved by a government client.

But the source claimed the FBI did not want the technology to be fitted with sensors that would have allowed NSO to track its physical location.

The source also claimed that the FBI did not want NSO’s own engineers to install the technology and did not want to integrate the spyware into its own systems. It is understood that ultimately NSO and the FBI agreed to keep the technology in a large container.

The FBI was also concerned about possible “leakage” of any data to another foreign intelligence service, the source told the Guardian.

The Guardian also reported that the Pegasus licence was acquired by the FBI using a financial “vehicle” that was not easily identified as being linked to the bureau.

In the end, the source claimed, the FBI did not actually use Pegasus.

“They weren’t using it at all. Like, not even switching it on. But they kept paying for it, and they wanted to renew. It was a one-year test project and it cost about $5m [£3.7m], and they renewed for another $4m,” the source claimed. “But they didn’t use it.”

FBI statement

“The FBI works diligently to stay abreast of emerging technologies and tradecraft – not just to explore a potential legal use but also to combat crime and to protect both the American people and our civil liberties,” the FBI said in an emailed statement to the Guardian newspaper in response to claims about the bureau’s acquisition of Pegasus.

“That means we routinely identify, evaluate, and test technical solutions and problems for a variety of reasons, including possible operational and security concerns they might pose in the wrong hands. There was no operational use in support of any investigation, the FBI procured a limited licence for product testing and evaluation only.”

NSO has categorically denied that its Pegasus spyware can be used against US mobile phones.

Another point to note about the FBI admission is that it has been seeking a way to unlock Apple iPhones for a while now.

In early 2016, Apple and the FBI were engaged in a very public disagreement, after Apple refused an FBI request to help unlock the iPhone 5C belonging to the suspect in December 2015’s shootings in San Bernardino.

In the end the FBI reportedly paid more than £1 million to an undisclosed private firm to unlock the device.

At the time there was speculation that the FBI had used NSO, but it denied it was involved. The finger of suspicion then turned to Cellebrite.

NSO is currently engaged in a legal battle with WhatsApp, after Facebook sued NSO in October 2019 when it alleged NSO was behind the cyberattack that infected WhatsApp users with advanced surveillance hacks in May 2019.

Apple also sued NSO in November last year, alleging NSO engaged in surveillance and targeting of iPhone users in the US.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Spyware Maker NSO Group Found Liable In US Court

Landmark ruling finds NSO Group liable on hacking charges in US federal court, after Pegasus…

2 days ago

Microsoft Diversifying 365 Copilot Away From OpenAI

Microsoft reportedly adding internal and third-party AI models to enterprise 365 Copilot offering as it…

2 days ago

Albania Bans TikTok For One Year After Stabbing

Albania to ban access to TikTok for one year after schoolboy stabbed to death, as…

2 days ago

Foldable Shipments Slow In China Amidst Global Growth Pains

Shipments of foldable smartphones show dramatic slowdown in world's biggest smartphone market amidst broader growth…

2 days ago

Google Proposes Remedies After Antitrust Defeat

Google proposes modest remedies to restore search competition, while decrying government overreach and planning appeal

2 days ago

Sega Considers Starting Own Game Subscription Service

Sega 'evaluating' starting its own game subscription service, as on-demand business model makes headway in…

2 days ago