Using NSO spyware has been illegal in the US since the government banned its import and use back in November 2021. When it was discovered that a US contractor had illegally used the spyware in April of this year, the FBI was asked to find out the identity of the end client. That client turned out to be… the FBI.
The FBI has discovered that it was the one illegally using
NSO spyware, a tool declared a national security risk by the US government. This Israeli-made spyware, known as
Pegasus and Landmark, can remotely hack iPhones and identify phone locations through vulnerabilities in cellphone base stations.
The FBI's involvement came to light when a US contractor, Riva Networks, was found to have illegally purchased and used the spyware on behalf of an undisclosed US government client. The New York Times revealed that the "United States government" was the ultimate user of the tool, raising questions about which government agency authorized the deal.
The FBI launched an investigation into the matter and eventually uncovered the truth: it was unknowingly using the spyware. The agency claims that Riva Networks misled them and switched from using an in-house tool to
NSO's Landmark spyware.
While the FBI terminated the contract with Riva Networks upon discovering the misuse, concerns linger about the possibility of other government agencies being involved. Riva Networks has contracts with the Department of Defense, the Drug Enforcement Administration (DEA), and the Air Force Research Laboratory.
The DEA is also reported to be using a similar tool to
Pegasus, offered by a competitor of
NSO, Paragon Graphite. Although the use of this tool is not illegal, it raises ethical questions.
The revelations have sparked inquiries into the extent of illegal spyware usage within US agencies and have put the spotlight on the need for stricter regulations to safeguard privacy and national security.