Wednesday, 30 January 2019

UAE 'used spying tool' to target Qatar's emir, other rivals

In 2016 and 2017, Karma was used to obtain photos, emails, text messages and location information from targets' iPhones
Qatar's Emir Sheikh Tamim bin Hamad Al Thani was one of hundreds of targets of a sophisticated intelligence operation by the United Arab Emirates (UAE) to spy on perceived opponents, Reuters news agency reported.

A team of former US government intelligence operatives working for the UAE hacked into the iPhones of activists, diplomats, and rival foreign leaders with the help of a sophisticated spying tool called Karma.

The cyber tool allowed the Emirati state to monitor hundreds of targets beginning in 2016, from Qatar's emir, a senior Turkish official to a Nobel Peace laureate human-rights activist in Yemen, according to five former operatives and program documents reviewed by Reuters.

The sources interviewed by Reuters were not Emirati citizens.

Karma was used by an offensive cyber operations unit in the capital, Abu Dhabi, comprised of Emirati security officials and former American intelligence operatives working as contractors for the UAE's intelligence services.

The existence of Karma and of the hacking unit, code named Project Raven, have not been previously reported.

The disclosure of Karma and the Raven unit comes amid a major regional crisis and an escalating cyber arms race, with rivals such as Qatar, Saudi Arabia and the UAE competing for the most sophisticated hacking tools and personnel.

The UAE, along with Saudi Arabia, Bahrain and Egypt severed all political, diplomatic and economic ties with Qatar and imposed a land, air and sea blockade on the Gulf nation in June 2017.

Who was hacked?
The operatives used Karma to hack an iPhone used by Sheikh Tamim, as well as the devices of Turkey's former Deputy Prime Minister Mehmet Simsek, and Oman's head of foreign affairs, Yusuf bin Alawi bin Abdullah. It isn't clear what material was taken from their devices.

Simsek, who stepped down from his position in July, told Reuters the cyber intrusion on his phone was "appalling and very disturbing."

The Washington embassies of Qatar, Oman, and Turkey did not respond to multiple emails and calls requesting comment about the targeting of political figures in their countries.

Raven also hacked Tawakkol Karman, a human rights activist known as the Iron Woman of Yemen.

Informed by Reuters she had been targeted, she said she believes she was chosen because of her leadership in Yemen's Arab Spring protests, which erupted around the region in 2011 and led to the ousting of Egyptian President Hosni Mubarak.

Americans are "expected to support the protection of human rights defenders and provide them with all protection and security means and tools," she said, "not to be a tool in the hands of tyrannies to spy on the activists and to enable them to oppress their peoples."

The former Raven insiders said Karma granted them access to compromising and at times sexually explicit photos of targets. Reuters saw no evidence that the UAE leaked damaging materials discovered through Karma.

How does Karma work?
In 2016 and 2017, Karma was used to obtain photos, emails, text messages, and location information from targets' iPhones.

The ex-Raven operatives described Karma as a tool that could remotely grant access to iPhones simply by uploading phone numbers or email accounts into an automated targeting system.

To initiate the compromise, Karma needed only to send the target a text message - the hack then required no action on the part of the recipient.

Raven was largely staffed by US intelligence community veterans, who were paid through an Emirati cybersecurity firm named DarkMatter, according to documents reviewed by Reuters.

The company did not respond to numerous emails and phone calls requesting comment. The NSA declined to comment on Project Raven.

The UAE government purchased Karma from a vendor outside the country, the operatives said. Reuters could not determine the tool's creator.

It isn't clear whether the Karma hack remains in use. The former operatives said that by the end of 2017, security updates to Apple Inc's iPhone software had made Karma far less effective.

A spokeswoman for UAE's Ministry of Foreign Affairs and Apple Inc declined to comment for the story.

The hacking of Qatar's state-run news agency and government social media accounts on May 24, 2017, set the Gulf crisis into motion.

According to a New York Times report publishedlast year, the Emiratis asked an Israeli spyware company to intercept the phone calls of Sheikh Tamim in 2014, as well as Saudi Prince Mutaib bin Abdullah, among other political and regional rivals. 




No comments:

Post a Comment