[TheRecord] US fines former NSA employees who provided hacker-for-hire services to UAE

The US Department of Justice has fined three former NSA employees who worked as hackers-for-hire for a United Arab Emirates cybersecurity company.

Marc Baier, 49, Ryan Adams, 34, and Daniel Gericke, 40, broke US export control laws that require companies and individuals to obtain a special license from the State Department’s Directorate of Defense Trade Controls (DDTC) before providing defense-related services to a foreign government.

According to court documents [PDF], the three suspects helped the UAE company develop and successfully deploy at least two hacking tools.

The three entered into a first-of-its-kind deferred prosecution agreement with the DOJ today, agreeing to pay $750,000, $600,000, and $335,000, respectively, over a three-year term, in order to avoid jail time for their actions.

The three worked for DarkMatter’s Project Raven

While the court documents are heavily redacted, Baier, Adams, and Genicke’s story is well known, with their actions being first exposed by a whistleblower and documented in a multi-part Reuters investigation in January 2019.

Per the Reuters report and DOJ officials, the three worked as contractors for UAE-based company DarkMatter between January 2016 and November 2019.

The former NSA analysts worked inside Project Raven, a team inside DarkMatter that was made up of more than a dozen former US intelligence operatives.

Inside this project, the three helped develop Karma and Karma 2, two iOS zero-click exploits.

Designed to target iPhones, Reuters said the two exploits were used by UAE officials to spy on dissidents, reporters, and government opposition leaders.

DOJ targets hacker-for-hire scene

Besides today’s fines, the DOJ agreement also includes the following clauses:

Full cooperation with the relevant Department and FBI components;The immediate relinquishment of any foreign or US security clearances;A lifetime ban on future US security clearances;Future employment restrictions, including a prohibition on employment that involves CNE (computer network exploitation) activity or exporting defense articles or providing defense services under the ITAR (e.g., CNE techniques);Restrictions on employment for certain UAE organizations.

“This agreement is the first-of-its-kind resolution of an investigation into two distinct types of criminal activity: providing unlicensed export-controlled defense services in support of computer network exploitation, and a commercial company creating, supporting and operating systems specifically designed to allow others to access data without authorization from computers worldwide, including in the United States,” said Acting Assistant Attorney General Mark J. Lesko.

“Hackers-for-hire and those who otherwise support such activities in violation of US law should fully expect to be prosecuted for their criminal conduct,” he added.

“These individuals chose to ignore warnings and to leverage their years of experience to support and enhance a foreign government’s offensive cyber operations,” said Assistant Director in Charge Steven M. D’Antuono of the FBI’s Washington Field Office.

“These charges and the associated penalties make clear that the FBI will continue to investigate such violations.”

The post US fines former NSA employees who provided hacker-for-hire services to UAE appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[ThreatPost] WordPress Sites Abused in Aggah Spear-Phishing Campaign

All posts, ThreatPost

The Pakistan-linked threat group’s campaign uses compromised WordPress sites to deliver the Warzone RAT to manufacturing companies in Taiwan and South Korea. Source: Read More (Threatpost)

Read More

[ZDNet] Australians spent AU$26.5m in cryptocurrency to pay scammers in 2020

All posts, ZDNet

The total number of scams received by the ACCC’s Scamwatch during the 2020 calendar year was 216,087, with a total of AU$156 million lost. Source: Read More (Latest topics for ZDNet in Security)

Read More

Daily NCSC-FI news followup 2019-11-24

CNAME Cloaking, the dangerous disguise of third-party trackers medium.com/nextdns/cname-cloaking-the-dangerous-disguise-of-third-party-trackers-195205dc522a What has started to happen in the last few months in the world of third-party tracking is having a major impact on peoples privacy, and it all stayed pretty much under the radar. How to Avoid Black Friday Scams Online www.wired.com/story/how-to-avoid-black-friday-scams-online/ Black Friday attracts crowds, and […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.