Three US individuals, the former US intelligence operatives we reported on yesterday, have reached a plea deal with the US government to pay a restitution fee to avoid being jailed. They were charged with providing unauthorized hacking services to a foreign government.
From 2016 to 2019, Marc Baier, Daniel Gericke, and Ryan Adams worked for the UAE (United Arab Emirates) government against various targets. A press release from the US Department of Justice states:
“These services included the provision of support, direction and supervision in the creation of sophisticated “zero-click” computer hacking and intelligence gathering systems – i.e., one that could compromise a device without any action by the target.”
These former employees of the U.S. intelligence community have agreed to pay over $1.6 million in penalties to avoid prosecution for violating export control laws.
After leaving the US government, the trio performed various hacking operations for a United Arab Emirates company. They were also responsible for creating two hacking platforms known as KARMA and KARMA 2, capable of compromising iPhones. In 2019, it was revealed that a team of hackers from the United Arab Emirates known as DarkMatter and Project Raven used the two hacking platforms to monitor and spy on “governments, militants, and human rights activists critical of the monarchy.”
KARMA and its successor relied on zero-click exploits to steal sensitive information from targeted accounts.
According to the report from Patrick Howell O’Neill, the vulnerability that KARMA exploited to compromise a target’s iPhone was in Apple’s iMessage app, and the exploit was developed by Accuvant.
The US Department of Justice stated that the defendants’ work for a United Arab Emirates company amounted to a defense service under international regulations. Despite knowing they needed to get a license, the defendants continued to work without a permit.
Baier, Adams, and Gericke were ordered to pay $750,000, $630,000, and $335,000, respectively. They also lost their security clearances.
Daniel Gericke is the chief information officer of ExpressVPN, one of the leading virtual private network providers. The clarification on Daniel Gericke from ExpressVPN can be found here.