Optiv spokesman Jeremy Jones wrote in an email that his company is “fully cooperating with the Justice Department” and that Optiv “is not the subject of this investigation.” It is true: the investigation targets three former US intelligence and military personnel who have worked illegally with the UAE. However, Accuvant’s role as a developer and seller of exploits was important enough to be detailed in Justice Department court documents.
The iMessage exploit was the main weapon in the Emirati program called Karma, run by DarkMatter, an organization that masqueraded as a private company but actually acted as a spy agency for the UAE.
Reuters reported the existence of Karma and the iMessage exploit in 2019. But on Tuesday the US fined three former US intelligence and military personnel $1.68 million for their illegal work as hired hackers in the UAE. This activity included purchasing the Accuvant tool and then leading hacking campaigns funded by the UAE.
US court documents noted that the exploits were developed and sold by US firms, but the names of the hacking companies were not disclosed. The role of Accuvant has not been reported until now.
Accuvant was not the focus of the investigation because the sale it made was licensed and legal. A source familiar with the development and sale of the exploit says that Accuvant was clearly “targeted” to sell the exploit by the US intelligence agency and that the company did not know it would be used for foreign espionage. The court documents then describe the manipulation of the exploit by mercenaries to make it a more powerful tool for UAE targets.
“The FBI will fully investigate individuals and companies that profit from illegal criminal cyber activities,” said Bryan Vorndran, assistant director of the FBI’s cyber division, in a statement. “This is a clear message to everyone, including former US government officials, who have considered using cyberspace to use export-controlled information for the benefit of a foreign government or foreign commercial company — there is risk and there will be consequences.”
Effective exploit developer
Helped by American partnership, experience and money, DarkMatter has transformed the UAE’s offensive hacking capabilities from almost nothing into a formidable and proactive operation over the years. The group has spent large sums of money recruiting American and Western hackers to develop and sometimes direct the country’s cyber operations.
At the time of the sale, Accuvant was a research and development laboratory in Denver, Colorado that specialized in and sold iOS exploits.
A decade ago, Accuvant built a reputation as a prolific exploit developer working with larger US military contractors and selling bugs to government customers. In an industry where a code of silence is generally valued, the company attracted public attention from time to time.
“Accuvant represents the positive side of cyberwar: a fast-growing market,” wrote journalist David Kushner in a 2013 profile of the company in Rolling Stone. According to him, it was a company “capable of creating custom software that can enter external systems and collect information or even shut down a server, for which they could be paid up to $1 million.”
Optiv has largely left the hacking industry after a series of mergers and acquisitions, but Accuvant’s alumni network is strong and still working on exploits. Two senior employees co-founded Grayshift, an iPhone hacking company known for its skills in unlocking devices.
As MIT Technology Review has learned, Accuvant sold hacking exploits to multiple clients in both government and the private sector, including the United States and its allies, and this same iMessage exploit was sold to dozens of other clients at the same time.
The iMessage exploit is one of several critical messaging app flaws that have been discovered and exploited in recent years. The 2020 update for the iPhone operating system came with a complete overhaul of iMessage security in an attempt to make such exploitation more difficult.