WASHINGTON, Sept. 14 (Reuters) – Three former U.S. intelligence agents who worked as mercenary hackers for the United Arab Emirates have agreed to pay fines of $ 1.685 million and work with federal prosecutors to bring a case the Ministry of Justice announced on Tuesday.
Defendants Marc Baier, Ryan Adams and Daniel Gericke were part of a clandestine unit called Project Raven, first reported by Reuters, that helped the United Arab Emirates spy on its enemies.
The three entered into an agreement known as the Deferred Prosecution Agreement with US attorneys accusing them of violating hacker laws, the Justice Department said in court documents filed Tuesday.
The three also agreed to abandon foreign or US security clearances and face future employment restrictions.
They agreed to “fully cooperate” and provide “complete, complete, and truthful information to the FBI or any other US government organization” and to provide government-requested documents.
Acting US Attorney General Mark J. Lesko said in a press release: “This agreement is the first resolution of an investigation into two different types of criminal activity: the provision of unlicensed export-controlled defense services in support of computer network exploitation and a commercial system development company , supports and operates specifically designed to provide unauthorized access to data from computers worldwide, including in the United States. “
Reuters previously reported that Baier was a program manager for Project Raven. Adams and Gericke ran this effort and helped the UAE hack its targets.
Text messages to Baier and Adams asking for comments went unanswered. A social media message to Gericke also received no immediate response.
The three defendants’ lawyers did not immediately respond to a request for comment.
The court document reads: “The defendants have used illegal, fraudulent and criminal means, including the use of advanced covert hacking systems that exploited computer exploits from the United States and elsewhere to gain unauthorized access to protected computers in the United States and elsewhere to procure and to obtain information unlawfully. “
Lori Stroud, a former National Security Agency analyst who worked on Project Raven and then acted as a whistleblower, said Tuesday, “The Bureau’s commitment to justice is commendable, and I have the greatest respect for the agents who assigned to this case. “
“The main catalyst to bringing this issue to light, however, has been investigative journalism – the timely, technical information that has been reported has created the awareness and momentum to ensure justice,” she said.
The court documents describe how the three men helped the UAE develop, acquire and use hacking skills over several years. Its victims allegedly included US citizens, as Reuters previously reported based on information from Stroud.
Former program staff told Reuters they believed they were obeying the law because their superiors promised them the US government approved the work.
The documents describe how Project Raven employees acquired and deployed an elite hacking tool called Karma, which Reuters reported was used to remotely break into iPhones. The Justice Department said the hacking tool was acquired by two unnamed US companies.
Karma was used to break into the iPhones of prominent activists who spoke out against the UAE’s human rights record, Reuters reported.
Reporting by Christopher Bing and Joel Schectman; Editing by Howard Goller
Our Standards: The Thomson Reuters Trust Principles.