Report: U.S. used front company to buy Israeli spyware

According to a report in the New York Times, the Biden administration is using NSO’s ‘Landmark,’ a geolocation system that reveals the location of a person by inputting their phone number

The Israeli tech firm NSO makes hacking tools that are used across the globe. Photo by Getty Images

By Haaretz April 3, 2023

This article originally appeared on Haaretz, and was reprinted here with permission. Sign up here to get Haaretz’s free Daily Brief newsletter delivered to your inbox.

The United States government is an active client of the Israeli offensive cyber firm NSO Group, known for its infamous Pegasus spyware, according to a report by the New York Times.

The Times’ investigation, published early Monday, revealed that five days after the Biden administration announced the blacklisting of NSO for activities contrary to the United States’ national security or foreign policy interests, the U.S. purchased a different software from NSO via a front company.

The software is known as “Landmark,” a geolocation system that reveals the exact location of a person by inputting their phone number.

The report comes one week after U.S. President Joe Biden signed an executive order banning the use of commercial spyware by the American government. The ban applies to “operational” use that pose a “risk” to American national security, specifically counterintelligence.

The Times’ report shows that while the administration was working on limiting the use of spyware, the American security establishment – specifically the FBI – wanted to use the software. Previously it was reported that the FBI purchased Pegasus for research purposes, and even looked into to using it for domestic investigations. Previous reports also stated that the CIA used Pegasus in Djibouti.

According to the report, despite being aware of the problematic nature of working with NSO, the U.S. government decided in November 2021 to buy its software via a front company from New Jersey called Cleopatra Holdings.

The New York Times’ report is the first known publication of the name of “Landmark.” This system is different from Pegasus, which is malware injected onto a target’s cellphone, thus allowing its operator to hack the phone, access all the information stored on it, read encrypted messages and secretly turn on both the camera and microphone.

The report claims that “Landmark” has been used numerous times, mostly against targets in Mexico. The Times also claims that the system was sold to Saudi Arabia and has been used by Crown Prince Mohammed bin Salman against dissidents.

A message from our CEO & publisher Rachel Fishman Feddersen

I hope you appreciated this article. Before you go, I’d like to ask you to please support the Forward’s award-winning, nonprofit journalism during this critical time.

The coming year promises to be filled with more complex and historic developments. We are entering an era where independent, fact-based Jewish journalism will be more important than ever. We need to be ready for whatever 2025 will bring, and with your help, we can be.

We’ve set a goal to raise $260,000 by December 31. That’s an ambitious goal, but one that will give us the resources we need to invest in the high quality news, opinion, analysis and cultural coverage that isn’t available anywhere else.

If you feel inspired to make an impact, now is the time to give something back. Join us as a member at your most generous level.

— Rachel Fishman Feddersen, Publisher and CEO