Federal Bureau of Investigation says that it got a "limited licence" from NSO's hacking tool for "testing and evaluation" and it was not used to snoop on people.

FBI reportedly paid $4-5 million to renew the licence but never used the spyware.
FBI reportedly paid $4-5 million to renew the licence but never used the spyware. (Reuters)

The Federal Bureau of Investigation (FBI) has acknowledged that it acquired and tested a hacking tool Pegasus made by notorious Israeli surveillance company NSO Group, but the US law enforcement agency said it did not use it for any investigation.

"The FBI procured a limited license for product testing and evaluation only, there was no operational use in support of any investigation," an FBI spokesperson said in a statement, confirming reports that appeared earlier in The New York Times and The Guardian newspapers.

FBI suggested its motivation was to "stay abreast of emerging technologies and tradecraft, adding, its Pegasus licence was no longer active.

The Israeli surveillance firm has been embroiled in controversy after revelations that its tools were misused by governments and other agencies to hack iPhones.

NSO has said its technology is intended to help catch terrorists, pedophiles and hardened criminals. The company is currently being sued by iPhone maker Apple Inc for violating its user terms and services agreement.

The company did not immediately respond to a request for comment.

READ MORE: How Israel used the NSO Group to further its diplomacy

Posing risk to US

NSO, which has long kept its client list confidential, has said that it sells its products only to "vetted and legitimate" government clients. Security researchers and academics have found that NSO's tool has been used against political dissidents, journalists and activists.

The FBI's admission comes at an awkward time. 

Only last month the US National Counterintelligence and Security Center said in a statement posted to Twitter that software being peddled by surveillance firms was "being used in ways that pose a serious counterintelligence and security risk to US personnel and systems." 

Late last year the US Commerce Department added NSO to a blacklist over human rights concerns.

In 2020 Reuters news agency reported that the FBI was investigating the role of NSO in possible hacks on American residents and companies. 

The FBI did not immediately return a message seeking comment on the status of the inquiry, which Reuters said had been underway since at least 2017.

'Terribly counterproductive'

"Spending millions of dollars to line the pockets of a company that is widely known to serially facilitate widespread human rights abuses, possible criminal acts, and operations that threaten the US's own national security is definitely troubling," said Ron Deibert, director of Citizen Lab, the University of Toronto internet watchdog that has exposed dozens of Pegasus hacks since 2016.

"At the very least, this seems like a terribly counterproductive, irresponsible, and ill-conceived way" to keep abreast of surveillance tech, he added.

An FBI spokesperson did not say what the agency paid NSO Group or when, but The New York Times reported last week that it obtained a one-year licence for $5 million, testing it in 2019. 

On Wednesday, The Guardian quoted a source familiar with the deal as saying the FBI paid $4 million to renew the licence but never used the spyware, which infiltrates a target's smartphone, granting access to all its communications and location data and converting it into a remote eavesdropping device.

READ MORE: Israeli police admit using spyware without warrant to target citizens

Source: Reuters