The FBI Definitely Wanted NSO Group Malware For Investigative Use Despite Its Earlier (Non)Denial

from the unexpected-show-of-restraint dept

The New York Times has obtained more information about the FBI’s courting of NSO Group, something that has since raised questions from its oversight.

An earlier report from the Times stated that NSO Group had arrived at FBI headquarters in 2019 to allow the agency to test drive a version of its Pegasus malware, one that allowed it to target US phone numbers. According to NSO, Pegasus, in its original form, is incapable of targeting US phone numbers, a concession NSO made while selling its malware to human rights abusers around the world.

The initial set of documents obtained by the Times gave the impression that this was nothing more than an NSO sales call, one hoping to make inroads in a nation less associated with human rights abuses than NSO’s existing customer base. To its credit, the FBI handled this carefully, buying up dummy phones to target and ultimately deciding against purchasing the bespoke malware (dubbed “Phantom”) because it raised too many constitutional concerns.

But new documents obtained by the New York Times show it was the FBI courting NSO, rather than the other way around. It definitely wanted to target Americans with this powerful, zero-click malware.

The F.B.I. informed the Israeli government in a 2018 letter that it had purchased Pegasus, the notorious hacking tool, to collect data from mobile phones to aid ongoing investigations, the clearest documentary evidence to date that the bureau weighed using the spyware as a tool of law enforcement.

The F.B.I.’s description of its intended use of Pegasus came in a letter from a top F.B.I. official to Israel’s Ministry of Defense that was reviewed by The New York Times. 

The FBI already had a license for Pegasus in 2018, months before NSO Group showed up with a version that could target US phone numbers. Since the FBI is a (self-proclaimed) anti-terrorism agency, it could have deployed Pegasus to target foreign phones. So far, no documentation has surfaced that suggests the FBI deployed the unaltered Pegasus spyware. But the fact that it made the purchase prior to the NSO’s visit demonstrates a powerful interest in fully compromising phones of investigation targets.

It turns out $5 million in tax dollars can buy a whole lot of nothing. The FBI ditched both Pegasus and its US equivalent, Phantom, without ever having used them in investigations. At least that’s what FBI Director Chris Wray told Congress:

During a congressional hearing in March, the F.B.I. director, Christopher A. Wray, said the bureau had bought a “limited license” for testing and evaluation “as part of our routine responsibilities to evaluate technologies that are out there, not just from a perspective of could they be used someday legally, but also, more important, what are the security concerns raised by those products.”

“So, very different from using it to investigate anyone,” he said.

Maybe so. But then again, this newly released public record punches a couple of holes in the narrative created by the FBI’s first document release. There’s no reason to believe this is the end of the story. And, at the very least, it shows the FBI is willing to spend millions to find some way to work around constitutional protections and expand its domestic surveillance capabilities.

Filed Under: , , , , , , ,
Companies: nso group

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “The FBI Definitely Wanted NSO Group Malware For Investigative Use Despite Its Earlier (Non)Denial”

Subscribe: RSS Leave a comment

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...