UAE 'used spying tool' to target Qatar's emir, other rivals

Sheikh Tamim, senior Turkish official and activists among hundreds whose iPhones were hacked, Reuters reports.

    Qatar's Emir Sheikh Tamim bin Hamad Al Thani was one of hundreds of targets of a sophisticated intelligence operation by the United Arab Emirates (UAE) to spy on perceived opponents, Reuters news agency reported.

    A team of former US government intelligence operatives working for the UAE hacked into the iPhones of activists, diplomats and rival foreign leaders with the help of a sophisticated spying tool called Karma.

    The cybertool allowed the Emirati state to monitor hundreds of targets beginning in 2016, from Qatar's emir and a senior Turkish official to a Nobel Peace laureate human-rights activist in Yemen, according to five former operatives and programme documents reviewed by Reuters.

    The sources interviewed by Reuters were not Emirati citizens.

    180831113905857

    Karma was used by an offensive cyberoperations unit in the capital, Abu Dhabi, comprised of Emirati security officials and former US intelligence operatives working as contractors for the UAE's intelligence services.

    The existence of Karma and the hacking unit, code-named Project Raven, have not been previously reported. 

    The Karma and Raven revelations come amid a major regional crisis and an escalating cyber arms race, with rivals such as Qatar, Saudi Arabia and the UAE competing for the most sophisticated hacking tools and personnel.

    The UAE, along with Saudi Arabia, Bahrain and Egypt severed all political, diplomatic and economic ties with Qatar and imposed a land, air and sea blockade on the Gulf nation in June 2017.

    Who was hacked?

    The operatives used Karma to hack an iPhone used by Sheikh Tamim, as well as devices belonging to Turkey's former Deputy Prime Minister Mehmet Simsek and Oman's head of foreign affairs, Yusuf bin Alawi bin Abdullah. It isn't clear what material was taken from their devices.

    Simsek, who stepped down from his position in July, told Reuters the cyber-intrusion on his phone was "appalling and very disturbing."

    The Washington embassies of Qatar, Oman, and Turkey did not respond to multiple emails and calls requesting comment about the targeting of political figures in their countries.

    Raven also hacked Tawakkol Karman, a human rights activist known as the Iron Woman of Yemen.

    Informed by Reuters that she had been targeted, Karman said she believes she was chosen because of her leadership in Yemen's Arab Spring protests, which erupted in several Arab countries in 2011 and led to the overthrow of a number of leaders.

    Americans are "expected to support the protection of human rights defenders and provide them with all protection and security means and tools," she said, "not to be a tool in the hands of tyrannies to spy on the activists and to enable them to oppress their peoples."

    The former Raven insiders said Karma granted them access to compromising - and at times sexually explicit - photos of targets. Reuters found no evidence that the UAE leaked damaging materials discovered through Karma.

    How does Karma work?

    In 2016 and 2017, Karma was used to obtain photos, emails, text messages, and location information from targets' iPhones. 

    The ex-Raven operatives said Karma could remotely grant access to iPhones simply by uploading phone numbers or email accounts into an automated targeting system.

    To initiate the access, Karma needed only to send the target a text message - the hack then required no action on the part of the recipient.

    Raven was largely staffed by US intelligence community veterans, who were paid through an Emirati cybersecurity firm named DarkMatter, according to documents reviewed by Reuters.

    The company did not respond to numerous emails and phone calls requesting comment. The NSA declined to comment on Project Raven.

    The UAE government purchased Karma from a vendor outside the country, the operatives said. Reuters could not determine the tool's creator.

    It isn't clear whether the Karma hack remains in use. The former operatives said that by the end of 2017, security updates to Apple Inc's iPhone software had made Karma far less effective.

    A UAE Ministry of Foreign Affairs spokeswoman and Apple Inc declined to comment for the story. 

    Other hacking incidents 

    The Gulf crisis, an ongoing diplomatic dispute that has roiled the GCC, was set in motion by the hacking of Qatar's state-run news agency and government social media accounts on May 24, 2017. 

    According to a New York Times report published last year, in 2014, the UAE had asked an Israeli spyware company to intercept the phone calls made by Sheikh Tamim as well as Saudi Prince Mutaib bin Abdullah and other political and regional rivals. 

    SOURCE: Reuters news agency