Written by Patrick Howell O'Neill

The Israeli hacking company NSO Group has been put up for sale for a price of more than $1 billion, according to multiple people familiar with the matter.

The U.S.-based private equity firm Francisco Partners Management, which owns NSO Group, is looking to bring in around 10 times the $120 million it paid for a majority stake in the company in 2014. The group grew from around 50 employees when it was acquired to nearly 10 times that size, including more than 200 engineers dedicated to the hacking products that bring in the company’s rising profits.

NSO, which is known for selling cutting-edge offensive hacking technology to governments around the world, traces its roots to the Israeli military’s world-renowned signals intelligence unit known as Unit 8200.

The Israeli business publication Calcalist reported that NSO Group was being shopped around last month. CyberScoop independently spoke with numerous NSO business associates who confirmed that report. NSO Group and Francisco Partners both declined to comment on this story.

The group is most famous for “Pegasus” malware, a suite of highly sophisticated mobile malware programs armed with multiple zero day exploits against Apple’s iOS. Pegasus was found to be targeting a famous human rights activist named Ahmed Mansoor in the repressive United Arab Emirates.

Mansoor has been been in solitary confinement in a UAE jail for nearly three months without contact of a lawyer. He has spent the last decade targeted by the UAE government and numerous high profile cyber-mercenary firms, having been charged with criticizing the ruling regime.

Pegasus’ discovery by researchers from Citizen Lab and mobile security company Lookout led back to the secretive, complex and opaque NSO Group. It also takes part in and sponsors surveillance-industry trade shows like ISS World, where the company sells wares to governments.

It’s not clear at this point if a buyer will be found for NSO Group. Many major western military contractors who can afford a billion-dollar shopping spree already have in-house shops working on surveillance and hacking technology.

NSO’s competitors include companies like Hacking Team, Gamma Group, FinFisher and Area SPA.

Hacking and surveillance companies typically avoid public attention at all costs. The Pegasus discovery attracted such attention from global media and the cybersecurity industry that it pushed NSO Group’s normally hushed operation into action, according to multiple individuals who have previously worked with the company. The sources asked for anonymity due to nondisclosure agreements, which NSO Group requires for business discussions.

In the 10 months since Pegasus put NSO Group in the spotlight, the company has had to adjust its sales pitch to answer new questions about its operation.

NSO Group executives have told business associates that the Pegasus incident — which burned three zero-day vulnerabilities — disrupted their work for around 30 minutes before they pulled the next three zero-days off the shelf and resumed operations.

In addition to the work in the Middle East, multiple people with knowledge of NSO Group’s sales presentations say its executives claim the Mexican government used the group’s spyware to catch Joaquín “El Chapo” Guzmán, the drug lord who was extradited to the U.S. to face criminal charges.

CyberScoop was not able to confirm NSO’s role in the capture of El Chapo. However, the Mexican government has been using advanced spyware against drug lords since at least 2013, and has a $20 million contract with NSO Group.

CyberScoop’s sources also say the company is avoiding mentions in its sales pitch of Mexican activists or journalists being targeted with the company’s multimillion-dollar malware, despite news reports highlighting the malware’s use.

Francisco Partners, which owns and invests in a large portfolio of tech and security companies, is reportedly targeting over $3 billion in sales for 2017. The equity firm has invested in and acquired over 150 technology companies in 15 years.

There is skepticism inside the cybersecurity industry about whether the group will be able to fetch a billion-dollar buyer. An attempted 2015 sale for less than $1 billion did not occur, but deals can take several years from start to finish.

The attempted 2015 NSO sale coincided with $2.9 billion worth of buyouts.