IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

DarkMatter and former NSA officers sued over alleged phone hack of Saudi human rights activist

Loujain al-Hathloul alleges three ex-NSA mercenaries hacked her phone in 2017 and passed sensitive information on to Saudi Arabia

Prominent Saudi Arabian human rights activist Loujain al-Hathloul has launched a lawsuit against DarkMatter and three ex-NSA mercenaries who allegedly hacked her phone on behalf of the United Arab Emirates (UAE), secretly tracking her communications and location.

Al-Hathloul claims to be a victim of an illegal hacking campaign run by DarkMatter and a collection of former US intelligence officers hired by the UAE following the Arab Spring protests. 

Known as Project Raven, the UAE ordered hacks on dissidents, journalists, human rights activists, rival foreign leaders, and other political enemies on behalf of the Kingdom of Saudi Arabia (KSA). 

Al-Hathloul alleges she was one of the activists who was targeted in the hacking campaign, the information gathered from which led to her arrest, imprisonment, and torture.

The lawsuit marks the first time al-Hathloul has taken action against the authorities against which she has protested so heavily. She was released from prison earlier this year but is still unable to leave the KSA.

Al-Hathloul is perhaps best known for her efforts in calling for greater women's rights in Saudi Arabia, most recently pushing for an overhaul of law that would see women be able to drive in the region.

As part of her campaign, in 2014 she famously drove from the UAE to KSA while filming her endeavour, which saw her imprisoned for 73 days after being stopped at the KSA border. The law was later overhauled four years later in 2018, allowing women to drive for the first time.

The three former NSA officers named in the lawsuit alongside the DarkMatter company are Marc Baier, Ryan Adams, and Daniel Gericke. The lawyers for all four defendants have been contacted for comment by IT Pro but did not respond. 

DarkMatter and the three former NSA officers are accused of exploiting a vulnerability in Apple's iMessage service which allowed the trained hackers to locate and monitor targets chosen by their clients, including al-Hathloul.

Related Resource

Bridging the DevSecOps divide: Spotlight on zero trust

Security at the forefront

Whitepaper title on a white page with a green trapezoid across the coverFree download

The trio named in the lawsuit, brought to them by al-Hathloul and the Electronic Frontier Foundation (EFF), have all previously admitted to violating computer fraud and abuse laws, as well as selling sensitive military technology, in a separate non-prosecution agreement with the US Department of Justice (DoJ) in September.

Al-Hathloul claims her phone was first hacked in 2017 which saw her texts, email messages, and real-time location data sent to DarkMatter and its client.

The lawsuit alleges DarkMatter intentionally directed code to Apple's US servers to place malware on al-Hathloul's phone, violating the Computer Fraud and Abuse Act (CFAA) in the process.

"Project Raven went beyond even the behaviour that we have seen from NSO Group, which has been caught repeatedly having sold software to authoritarian governments who use their tools to spy on journalists, activists, and dissidents," said Eva Galperin, cybersecurity director at EFF. "Dark Matter didn't merely provide the tools; they oversaw the surveillance program themselves."

The lawsuit seeks compensation and punitive damages against the three individuals and DarkMatter.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Senate report slams agencies for poor cyber security
cyber security

Senate report slams agencies for poor cyber security

3 Aug 2021
Most employees put their workplace at risk by taking cyber security shortcuts
cyber security

Most employees put their workplace at risk by taking cyber security shortcuts

27 Jul 2021

Most Popular

Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022
Macmillan Publishers hit by apparent cyber attack as systems are forced offline
Security

Macmillan Publishers hit by apparent cyber attack as systems are forced offline

30 Jun 2022
Actively exploited server backdoor remains undetected in most organisations' networks
cyber attacks

Actively exploited server backdoor remains undetected in most organisations' networks

1 Jul 2022