Three former U.S. intelligence officials have pleaded guilty to carrying out hacking operations on behalf of the United Arab Emirates in violation of U.S. law. Defendants have agreed to pay a 1.8 million fine to settle allegations of computer fraud, device entry fraud and export control violations, U.S. lawyers said.
According to the BBC, the former employees of the US intelligence agency hacked servers, computers and mobile phones in different parts of the world on behalf of an organization in the United Arab Emirates. However, the name of the organization has been kept secret.
The accused and UAE spokesmen did not immediately comment on the matter.
Earlier this year, the UAE was accused of using malware created by the controversial Israeli organization NSO Group to monitor government officials, opposition parties and journalists in other countries.
The U.S. Department of Justice says Mark Bayer, Ryan Adams and Daniel Gerrick, a former U.S. citizen, initially provided cyber services to government agencies in the United Arab Emirates on behalf of the United States through the International Traffic in Arms Regulation (ITAR).
Under that policy, intelligence personnel are required to obtain permission from the US government before launching any hacking operation. The policy prohibits cyber attacks on any U.S. citizen, permanent resident, or institution or property owned by the country.
According to the BBC, the three accused Americans started hacking in 2016 by joining an organization in the United Arab Emirates, which was only profitable for that country in the Middle East; The U.S. Department of Justice has confirmed that no licenses or permits have been obtained from the U.S. government.
Over the next three years, the defendants set up two state-of-the-art zero-click computer hacking and data collection systems called ‘Karma’ and ‘Karma 2’. The target of the hacking was malware spread on his device even if the main person did nothing. Thousands of users of devices made by a US technology company have been affected. The US Department of Justice has also kept the name of the victim organization secret.
Markey’s judiciary says former intelligence agents used the UAE to illegally steal personal and official information from employees of various US organizations.
“Hackers working for hire and those who support these activities should be prepared to be prosecuted as criminals under U.S. law,” said Mark Lesko, assistant attorney general in charge of the U.S. Department of Justice’s National Security Division.
The U.S. Department of Justice said in a statement that the defendants had been released on bail, subject to fines, severance of ties with the UAE and never seeking security clearance from the U.S. government in the future.