It's completely news to me, but I don't have strong ties to the infosec world. This could be standard practice as far as I know.
Is it usual to find analysis/info traders doing this brand of malicious software injection? Are a portion of active worms and rootkits used today derivations of tools built by infosec companies?
It's a fact that the FBI has used spyware to catch bad guys: http://www.wired.com/politics/law/news/2007/07/fbi_spyware