Three former US intelligence operatives have pleaded guilty to assisting the United Arab Emirates (UAE) in its cyber-hacking offensives. Under the plea agreement, the trio will pay a fine and assist the US Department of Justice and the FBI in their continuing investigation.
US citizens Marc Baier, 49, and Ryan Adams, 34, as well as former US citizen Daniel Gericke, 40, are former employees of the US Intelligence Community and the US military. In January 2016, they joined an unnamed UAE-based company “after receiving an offer for higher compensation and an expanded budget,” according to officials with the Department of Justice.
They were hired as the senior managers of a team known as “Cyber Intelligence-Operations,” for which they carried out computer network exploitation. Despite being informed numerous times that, under the International Traffic in Arms Regulations, their work constituted a “defense service” requiring a license from the State Department’s Directorate of Defense Trade Controls, the trio conducted their work from 2016 to 2019.
A primary aspect of their work was the development of two “zero-click” computer hacking and intelligence-gathering systems. A “zero-click” exploit doesn’t require its target to click on or open a malicious file for it to infect their device.
Once the systems were developed, UAE employees known to the defendants leveraged these exploits to “illegally obtain and use credentials for online accounts issued by US companies, and to obtain access to computers, like mobile phones, around the world, including the US.”
While not specified in the court documents, Reuters reported the hacking relied on an undisclosed vulnerability in Apple’s iMessage text messaging software. It’s reported the trio’s efforts allowed them “to obtain remote, unauthorized access to any of the tens of millions of smartphones and mobile devices utilizing” the operating system.
According to another Reuters report, the technology was developed on behalf of the UAE to spy on political rivals, human rights activists, and journalists. Those whose personal devices were targeted include Turkey’s former deputy prime minister, Mehmet Şimşek; Qatar’s Emir, Sheikh Tamim bin Hamad al-Thani; and Oman’s head of foreign affairs, Yusuf bin Alawi bin Abdullah.
Under the deferred prosecution agreement (DPA), the defendants agreed to cooperate with the continuing investigation and pay a combined fine of more than $1.68 million – Baier, $750,000; Adams, $600,000; and Gericke, $335,000. They will also face restrictions on any future jobs they can hold, and will receive a lifetime ban on US security clearances.
They previously faced charges of conspiracy and violating the Arms Export Control Act and International Traffic in Arms Regulations, as well as two computer fraud charges, according to court documents.
“Today’s announcement shines a light on the unlawful activity of three former members of the US Intelligence Community and military,” said Steven M. D’Antuono, Assistant Director in Charge of the FBI’s Washington Field Office. “These individuals chose to ignore warnings and to leverage their years of experience to support and enhance a foreign government’s offensive cyber operations.
“These charges and the associated penalties make clear that the FBI will continue to investigate such violations,” he continued.
The joint investigation was conducted by the US Attorney’s Office for the District of Columbia, the FBI’s Washington Field Office, and the Justice Department’s National Security Division.