An iPhone exploit sold to the United Arab Emirates for $1.3M was developed by a US company that used American mercenaries to facilitate the sale, according to the Department of Justice …
Background
The zero-click security exploit was reported in 2019 to have been used by former US government intelligence operatives, but the full background wasn’t known at the time.
The privacy exploit was reported to have been used in 2016 and 2017 before it was blocked by an Apple security update.
A team of former U.S. government intelligence operatives working for the United Arab Emirates hacked into the iPhones of activists, diplomats and rival foreign leaders with the help of a sophisticated spying tool called Karma […]
The […] operatives described Karma as a tool that could remotely grant access to iPhones simply by uploading phone numbers or email accounts into an automated targeting system. The tool has limits — it doesn’t work on Android devices and doesn’t intercept phone calls. But it was unusually potent because, unlike many exploits, Karma did not require a target to click on a link sent to an iPhone, they said […]
Once activated, the UAE government was able to obtain photos, emails, text messages and location data from the iPhones. Additionally, it provided access to passwords, which could then be used for further attacks.
iPhone exploit sold by US firm
MIT Technology Review reports that the exploit was sold to the UAE by a US company using mercenaries as intermediaries.
The DoJ said that the three mercenaries had agreed to pay $1.685M to settle the case against them.
Documents filed by the US Justice Department on Tuesday detail how the sale was facilitated by a group of American mercenaries working for Abu Dhabi, without legal permission from Washington to do so. But the case documents do not reveal who sold the powerful iPhone exploit to the Emiratis.
Two sources with knowledge of the matter have confirmed to MIT Technology Review that the exploit was developed and sold by an American firm named Accuvant […] A decade ago, Accuvant established a reputation as a prolific exploit developer working with bigger American military contractors and selling bugs to government customers. […]
It merged several years ago with another security firm, and what remains is now part of a larger company called Optiv […]
Optiv spokesperson Jeremy Jones wrote in an email that his company has “cooperated fully with the Department of Justice” and that Optiv “is not a subject of this investigation.” That’s true: The subjects of the investigation are the three former US intelligence and military personnel who worked illegally with the UAE. However, Accuvant’s role as exploit developer and seller was important enough to be detailed at length in Justice Department court filings.
Photo: Pxhere
U.S. citizens, Marc Baier, 49, and Ryan Adams, 34, and a former U.S. citizen, Daniel Gericke, 40, all former employees of the U.S. Intelligence Community (USIC) or the U.S. military, entered into a deferred prosecution agreement (DPA) that restricts their future activities and employment and requires the payment of $1,685,000 in penalties to resolve a Department of Justice investigation regarding violations of U.S. export control, computer fraud and access device fraud laws.