The Department of Justice revealed on Tuesday that it had issued civil penalties to three intelligence officials and military people for their roles as cyber-mercenaries who worked for a company based in the UAE.
Three individuals — Marc Baier (49), Daniel Gericke (40), and Ryan Adams (34) — are accused of conspiring to commit cybercriminal offenses targeting individuals and entities in the US. The trio allegedly developed and deployed spyware that can help to break into mobile devices.
The defendants worked for a United Arab Emirates-based company that carried out cybercrime operations against the US. Despite being told that their work for the United Arab Emirates-based company required a license from the State Department’s Directorate of Defense Trade Controls (DDTC), the defendants continued to provide the services without one.
Aside from violating US export control laws, they are also accused of conducting sophisticated attacks designed to steal credentials for online accounts and mobile phones.
In 2019, it was revealed that the NSA worked with a tech company called DarkMatter to infiltrate and spy on prominent individuals and journalists in the US. The functioning of the firm was made public through a Reuters investigation in 2019.
A report released by researchers at the US Department of Homeland Security revealed that a zero-click exploit called Karma could remotely access the email and phone accounts of political activists and diplomats.
According to court documents, the trio developed and used Karma to collect intelligence for the foreign country since 2016. After securing the first exploit, the defendants reportedly contacted another firm to obtain a second exploit targeting another vulnerability in iOS that ultimately allowed them to modify the Karma exploitation toolkit.
The charges come a day after Apple revealed that it had taken action to close a zero-day flaw (CVE-2021-30860) used by NSO Group’s Pegasus in attacks against activists in Saudi Arabia and Bahrain.
“The FBI will fully investigate individuals and companies that profit from illegal criminal cyber activity,” said Assistant Director Bryan Vorndran. He added that anyone who engages in this type of activity would be held accountable.