The clandestine team, codenamed Project Raven, began work in 2016 from an offensive cyber operations unit in Abu Dhabi and used methods taught to them by the US National Security Agency (NSA) to help the Persian Gulf Arab country intercept into the iPhones of rival foreign leaders, diplomats, activists and journalists, Reuters reported on Wednesday.
According to five former operatives and program documents reviewed by Reuters, the cyber tool allowed the UAE to monitor hundreds of targets, including Qatar’s Emir Sheikh Tamim bin Hamad Al Thani, Turkey’s former Deputy Prime Minister Mehmet Simsek, Oman’s head of foreign affairs, Yusuf bin Alawi bin Abdullah and Nobel Peace Prize winner Tawakkol Karman of Yemen. It is not clear what material was taken from their devices.
The revelation comes amid a major regional crisis and an escalating cyber arms race, involving Qatar, on the one hand, and the UAE, Saudi Arabia, Bahrain and Egypt, on the other, Presstv reported.
In June 2017, Saudi Arabia, Egypt, Bahrain, and the UAE imposed a land, naval and air blockade on import-dependent Qatar, accusing Doha of supporting terrorism, an allegation strongly denied by Doha.
The crisis was set in motion by the hacking of Qatar’s state-run news agency (QNA) and government social media accounts on May 24, 2017.
According to a New York Times report published last year, in 2014, the UAE had asked an Israeli spyware company to hack into the phones of Qatari emir as well as Saudi Prince Mutaib bin Abdullah and other political and regional rivals.
The Washington embassies of Qatar, Oman and Turkey have yet to make any comment about the targeting of political figures in their countries.
Simsek, who stepped down from his position in July, described the cyber attack on his phone as “appalling and very disturbing.”
Karman, a human rights activist known as the Iron Woman of Yemen, said she believed she was targeted because of her leadership in Yemen’s anti-government protests in 2011.
The human rights activist said for years she had received repeated warnings from social media accounts that she had been hacked.
The former Raven insiders described Karma as a tool that could remotely grant access to iPhones simply by uploading phone numbers or email accounts into an automated targeting system.
They said Karma granted them access to compromising - and at times sexually explicit photos of targets. Reuters found no evidence that Abu Dhabi leaked damaging materials discovered through the spyware.
The existence of Karma and the hacking unit have not been previously reported.
According to documents reviewed by Reuters, Raven was largely staffed by US intelligence community veterans, who were paid through an Emirati cyber security firm named DarkMatter.
The Emirati firm did not respond to numerous emails and phone calls requesting comment. The NSA declined to make any comment on Project Raven.
The creator of the spy tool was not clear, but the operatives said the UAE government purchased Karma from a vendor outside the country.
Karma was used to obtain photos, emails, text messages and location information from targets’ iPhones in 2016 and 2017. The spyware also helped the hackers harvest saved passwords, which could be used for other intrusions.
It is not clear whether the Karma hack remains in use. The former Raven insiders said that by the end of 2017, security updates to Apple Inc’s iPhone software had made Karma far less effective.
Lori Stroud, a former Raven operative who also previously worked at the NSA, described the excitement when Karma was introduced in 2016 . “It was like, ‘We have this great new exploit that we just bought. Get us a huge list of targets that have iPhones now,’” she said. “It was like Christmas.”