Former U.S. Intelligence Operatives to Pay $1.6M

The U.S. government has entered a Deferred Prosecution Agreement (DPA) with three former intelligence operatives in an attempt to resolve criminal charges relating to their offering of hacking services to a foreign government.

A deferred prosecution agreement (DPA) is comparable to a non-prosecution agreement (NPA). It is a voluntary alternative to adjudication in which a prosecutor agrees to give amnesty in exchange for the defendant agreeing to comply with specified conditions. For example, a deferred prosecution agreement might be used to resolve a case of corporate fraud in which the defendant agrees to pay fines, adopt corporate changes, and fully cooperate with the investigation.

Marc Baier, Ryan Adams, and Daniel Gericke provided their services to a company that ran sophisticated hacking operations for the United Arab Emirates (UAE) government against various targets, between 2016 and 2019.

These services included the provision of support, direction and supervision in the creation of sophisticated “zero-click” computer hacking and intelligence gathering systems, i.e., systems that could compromise a device without any action by the target.


The three, all former employees of the U.S. Intelligence Community (USIC) or the U.S. military, agreed to pay the penalties to avoid prosecution for violations of U.S. export control, computer fraud, and access device fraud laws.

What Happened?

The three joined the senior management ranks of a UAE company. There they coordinated hacking operations against various targets and supervised the creation of two hacking and espionage platforms.

The hacking and espionage platforms, KARMA and KARMA 2, were used to compromise iPhones belonging to targets of interest to the UAE.

Back in 2019, journalists from the news publication Reuters revealed that the hacking platforms were used by a clandestine UAE hacking team that went by the codename Project Raven and was run through a UAE-based company called DarkMatter.

It is worth noting that more than a dozen former U.S. intelligence operatives were helping the UAE with “surveillance of other governments, militants and human rights activists critical of the monarchy.”

KARMA and its successors exploited “zero-click” vulnerabilities to harvest sensitive information and get access to targets’ accounts (email, cloud storage, social media) in order to steal data.

According to Patrick Howell O’Neill, the exploit that the KARMA platform used to acquire full control of a target’s iPhone targeted a vulnerability in Apple’s iMessage software and was developed and distributed by an American firm called Accuvant (merged a few years back into what is now known as Optiv).

The work that the three defendants provided for the UAE company constituted a “defense service” under the International Traffic in Arms Regulations (ITAR), and because of this, the defendants’ activity required a license from the State Department’s Directorate of Defense Trade Controls (DDTC).

Even if Baier, Adams, and Gericke knew about this, they continued to provide their services without a license.

This DPA is the first of its kind, seeking to limit the proliferation of offensive cyber capabilities, which undermines privacy and security worldwide.

As per this agreement, Baier, Adams, and Gericke will have to pay $750,000, $600,000, and $335,000 respectively.

The three will also lose any foreign or U.S. security clearances and will be prohibited from employment involving computer network exploitation (CNE) operations, a.k.a. hacking, or CNE techniques.

ExpressVPN, where Daniel Gericke is the Chief Information Officer, released a statement regarding the DPA and its CIO:

We’ve known the key facts relating to Daniel’s employment history since before we hired him, as he disclosed them proactively and transparently with us from the start. In fact, it was his history and expertise that made him an invaluable hire for our mission to protect users’ privacy and security.

