Former U.S. intel operatives to pay $1.6M for hacking for foreign govt

Former U.S. intel operatives to pay $1.6M for hacking for foreign govt

The U.S. government has entered a Deferred Prosecution Agreement (DPA) with three former intelligence operatives to resolve criminal charges relating to their offering of hacking services to a foreign government.

Between 2016 and 2019, Marc Baier, Ryan Adams, and Daniel Gericke provided their services to a company that ran sophisticated hacking operations for the United Arab Emirates (UAE) government against various targets.

“These services included the provision of support, direction and supervision in the creation of sophisticated “zero-click” computer hacking and intelligence gathering systems – i.e., one that could compromise a device without any action by the target” – the U.S. Department of Justice

Former employees of the U.S. Intelligence Community (USIC) or the U.S. military, the three agreed to pay $1,685,000 in penalties to not be prosecuted for violations of U.S. export control, computer fraud, and access device fraud laws.

Essential U.S. input

After leaving the U.S. government employment, the trio joined the senior management ranks of a UAE company where they coordinated hacking operations against various targets.

They also supervised the creation of two hacking and espionage platforms called KARMA and KARMA 2, used to compromise iPhones belonging to targets of interest to the UAE.

In 2019, journalists at Reuters revealed that the two hacking platforms were used by a clandestine UAE hacking team codenamed Project Raven run through a UAE-based company called DarkMatter.

The unit had more than a dozen former U.S. intelligence operatives helping the UAE with “surveillance of other governments, militants and human rights activists critical of the monarchy.”

KARMA and its successor relied on “zero-click” exploits (no user interaction needed) that enabled collecting sensitive info that allowed access to the targets accounts (email, cloud storage, social network) to steal data.

According to a report from Patrick Howell O’Neill at MIT Technology Review, the vulnerability that the KARMA platform exploited to take full control of a target’s iPhone was in Apple’s iMessage app and it was developed and sold by an American company named Accuvant (merged…