The Israeli company behind the notorious Pegasus surveillance spyware has been placed on a US blacklist of entities in which trade is restricted.
The NSO Group had engaged "in activities that are contrary to the national security or foreign policy interests of the United States," a Commerce Department statement said on Wednesday.
The US said there was evidence spyware had been used by foreign governments "to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers."
Alleged spying on the mobile phones of high-profile individuals using Pegasus caused an international stir in July, after a global consortium of journalists reported on a dataset of 50,000 numbers said to have been selected by NSO customers as potential targets.
The firm denied the reports, saying Pegasus was meant to track terrorists and criminals and was sold only to government agencies.
Pegasus uses security holes in smartphone software to gain widespread access to data.
"NSO Group is dismayed by the decision given that our technologies support US national security interests and policies by preventing terrorism and crime, and thus we will advocate for this decision to be reversed," the company said in a statement.
Three other companies were put on the blacklist along with NSO.
The Israeli software company Candiru was listed for its involvement with Pegasus.
Positive Technologies of Russia and the Computer Security Initiative Consultancy of Singapore were added because "they traffic in cyber tools used to gain unauthorized access to information systems, threatening the privacy and security of individuals and organizations worldwide."
The blacklisting limits access to US goods and technology.
