"This US company sold iPhone hacking tools to UAE spies", 15 September 2021.

When the United Arab Emirates paid over $1.3 million for a powerful and stealthy iPhone hacking tool in 2016, the monarchy’s spies—and the American mercenary hackers they hired—put it to immediate use.

The tool exploited a flaw in Apple’s iMessage app...

Two sources... have confirmed to MIT Technology Review that the exploit was developed and sold by an American firm named Accuvant. It merged several years ago with another security firm, and what remains is now part of a larger company called Optiv. News of the sale sheds new light on the exploit industry...

Optiv spokesperson Jeremy Jones wrote... that his company has "cooperated fully with the Department of Justice" and that "is not a subject of this investigation." That's true: The subjects of the investigation are the three former US intelligence and military personnel who worked illegally with the UAE. However, Accuvant's role as exploit developer and seller was important enough to be detailed at length in Justice Department court filings...

[O]n Tuesday, the US fined three former US intelligence and military personnel $1.68 million for their unlicensed work... That activity included buying Accuvant’s tool and then directing UAE-funded hacking campaigns.

The US court documents noted that the exploits were developed and sold by American firms but did not name the hacking companies. Accuvant’s role has not been reported until now...

Accuvant sold hacking exploits to multiple customers in both governments and the private sector...