Credit Suisse pushed for NSO Group to keep selling its Pegasus spyware to new customers just weeks after the US blacklisted the Israeli cyberweapon manufacturer, saying authoritarian regimes had used its hacking tool to silence dissent.
The request was made in a December letter by lawyers representing the Swiss bank and some of its fellow NSO creditors including the hedge fund Senator, as well as the US investment bank Jefferies in its capacity as the overseer of a loan to NSO.
It came after revelations about how Pegasus had been used to hack the phones of journalists, activists and even the estranged wife of Dubai’s billionaire ruler, which plunged NSO into financial turmoil.
The push sheds new light on the approach taken by some banks and Wall Street firms that financed the weapons manufacturer with a history of reported links to human rights violations. The US blacklisted NSO in November over the abuse of the powerful Pegasus cyberweapon by its clients.
At the time of the request by Credit Suisse and fellow creditors, NSO had gone months without signing a new client and had borrowed $10mn to meet its October payroll.
“The lenders understand and support the need for caution given the global attention and heightened scrutiny focused on the company,” they said in a December 10 2021 letter to Berkeley Research Group, a consultancy that had been appointed to manage a buyout fund owning 70 per cent of NSO.
But the creditors added they were “troubled” by a claim from NSO that BRG was preventing it “from pursuing and obtaining new customers”.
This “has deepened the company’s current liquidity crisis”, they added, and NSO “must be able to conduct its normal operations, with proper oversight, during this critical period”.
The letter, part of a court case in Israel — and seen by the Financial Times — did not name the creditors but two people with knowledge of the matter said Credit Suisse and Senator were in the lender group on whose behalf it was sent.
The letter came from Willkie Farr & Gallagher, which said it represents lenders accounting for more than 75 per cent of NSO Group’s outstanding loans under a 2019 agreement. It said the lawyers also represented Jefferies in its role as an administrative agent.
BRG responded to the lenders, saying that it was “deeply concerning” that they were pressing for Pegasus sales.
NSO’s management team had “conceded” that since the publication of the Pegasus Project by a consortium of journalists in July, “the only new potential customer bookings for the Pegasus software system are from elevated risk customers”, at least one of which was understood to have misused the hacking tool before, it said.
BRG said that “in no circumstance” was it prepared to approve these sales. Instead, it said, the spyware maker should “address the underlying issues” that led the US to blacklist it.
Credit Suisse, Jefferies, Senator and BRG declined to comment. Willkie Farr did not respond to requests to comment.
NSO said the “legal business dispute does not involve NSO as the debt in question is not NSO’s” and that it continues “to generate new business” after conducting “a rigorous due diligence process and has terminated 10 customers in recent years based on credible allegations or verification of abuse”. A person close to the company said BRG’s claim that NSO’s business prospects relied on selling to high-risk customers was false.
It is one of a series of controversies involving Credit Suisse, a bank already roiled by multiple scandals such as the collapse of Archegos and Greensill Capital and the “spygate” saga involving the corporate surveillance of staff.
Pegasus works by mirroring the contents of a phone, including encrypted messages, and it can record video and audio surreptitiously. Spain’s government said last month that Pegasus was used to hack its prime minister’s and defence minister’s phones.
BRG has previously said NSO was “valueless” to its private equity backers, an indication that the lenders could be in a position to take control of the company if they chose to.
Credit Suisse and Jefferies acted as bookrunners to raise half a billion dollars in debt financing for the spyware group’s private equity buyout in 2019.
The blacklisting means NSO cannot buy equipment or services from US companies without approval. The company is facing lawsuits from Apple, which is seeking an order stopping NSO from using its products, and Meta, which says NSO exploited a vulnerability in WhatsApp to deliver its spyware.
BRG was last year put in charge of managing the €1bn private equity fund that owns the NSO stake after its previous managers, a trio of former TPG executives who founded Novalpina Capital, were ousted by their own investors.