Former NSA spies have been working for the government of the United Arab Emirates as hacker mercenaries, helping the UAE attack journalists, dissidents, and human rights activists. This is a great read, and a shocking story from Reuters.
With the help of former U.S. intelligence operatives, United Arab Emirates hacked into the iPhones of activists, diplomats, and foreign adversaries. Targeted in the attacks: the former deputy prime minister of Turkey, a Qatari emir, and a Nobel Laureate of Yemen.
Joel Schectman and Christopher Bing of Reuters report that the UAE's use of the spying tool 'Karma' in 2016 “shows how potent cyber-weapons are proliferating beyond the world’s superpowers and into the hands of smaller nations”:
The cyber tool allowed the small Gulf country to monitor hundreds of targets beginning in 2016, from the Emir of Qatar and a senior Turkish official to a Nobel Peace laureate human-rights activist in Yemen, according to five former operatives and program documents reviewed by Reuters. The sources interviewed by Reuters were not Emirati citizens.
Karma was used by an offensive cyber operations unit in Abu Dhabi comprised of Emirati security officials and former American intelligence operatives working as contractors for the UAE’s intelligence services. The existence of Karma and of the hacking unit, code named Project Raven, haven’t been previously reported. Raven’s activities are detailed in a separate story published by Reuters today.
The ex-Raven operatives described Karma as a tool that could remotely grant access to iPhones simply by uploading phone numbers or email accounts into an automated targeting system. The tool has limits — it doesn’t work on Android devices and doesn’t intercept phone calls. But it was unusually potent because, unlike many exploits, Karma did not require a target to click on a link sent to an iPhone, they said.
In 2016 and 2017, Karma was used to obtain photos, emails, text messages and location information from targets’ iPhones. The technique also helped the hackers harvest saved passwords, which could be used for other intrusions.
Whether the Karma hack still works isn't clear. The former operatives interviewed by Reuters say Apple's iOS security updates rendered Karma less effective by late 2017.
You gotta wonder how many security advisories cause screams of pain at some spy shop. The UAE used CVE-2016-463 to hack hundreds of iPhones, including those of activists and journalists, until @TalosSecurity spoiled the fun. https://t.co/CiAimbwHUT https://t.co/MwDhl4rryr pic.twitter.com/GnnrezoRzu
— Kevin Poulsen (@kpoulsen) January 30, 2019
[via @humeyra_pamuk, illustration based on Reuters photo of Nobel Peace Prize winner Tawakkol Karman of Yemen at a news conference against mining in the town of Casillas, Guatemala, October 26, 2017. REUTERS/Luis Echeverria]