When the United Arab Emirates paid over $1.3 million for a powerful and stealthy iPhone hacking tool in 2016, the monarchy's spies -- and the American mercenary hackers they hired -- put it to immediate use. The tool exploited a flaw in Apple's iMessage app to enable hackers to completely take over a victim's iPhone. It was used against hundreds of targets in a vast campaign of surveillance and espionage whose victims included geopolitical rivals, dissidents, and human rights activists.
Documents filed by the US Justice Department on Tuesday detail how the sale was facilitated by a group of American mercenaries working for Abu Dhabi, without legal permission from Washington to do so. But the case documents do not reveal who sold the powerful iPhone exploit to the Emiratis. Two sources with knowledge of the matter have confirmed to MIT Technology Review that the exploit was developed and sold by an American firm named Accuvant. It merged several years ago with another security firm, and what remains is now part of a larger company called Optiv. News of the sale sheds new light on the exploit industry as well as the role played by American companies and mercenaries in the proliferation of powerful hacking capabilities around the world.
A man who the Department of Justice says unlocked AT&T customers’ phones for a fee was sentenced to 12 years in prison, in what the judge called “a terrible cybercrime over an extended period,” which allegedly continued even after authorities were on to the scheme.
A forensic analysis by AT&T showed Fahd and his helpers fraudulently unlocked more than 1.9 million phones, costing the company more than $200 million. Fahd was arrested in Hong Kong in 2018 and extradited to the US in 2019. He pleaded guilty in September 2020 to conspiracy to commit wire fraud.