DarkMatter and former NSA officers sued over alleged phone hack of Saudi human rights activist

Loujain al-Hathloul alleges three ex-NSA mercenaries hacked her phone in 2017 and passed sensitive information on to Saudi Arabia

Prominent Saudi Arabian human rights activist Loujain al-Hathloul has launched a lawsuit against DarkMatter and three ex-NSA mercenaries who allegedly hacked her phone on behalf of the United Arab Emirates (UAE), secretly tracking her communications and location.

Al-Hathloul claims to be a victim of an illegal hacking campaign run by DarkMatter and a collection of former US intelligence officers hired by the UAE following the Arab Spring protests. 

Known as Project Raven, the UAE ordered hacks on dissidents, journalists, human rights activists, rival foreign leaders, and other political enemies on behalf of the Kingdom of Saudi Arabia (KSA). 

Al-Hathloul alleges she was one of the activists who was targeted in the hacking campaign, the information gathered from which led to her arrest, imprisonment, and torture.

The lawsuit marks the first time al-Hathloul has taken action against the authorities against which she has protested so heavily. She was released from prison earlier this year but is still unable to leave the KSA.

Al-Hathloul is perhaps best known for her efforts in calling for greater women's rights in Saudi Arabia, most recently pushing for an overhaul of law that would see women be able to drive in the region.

As part of her campaign, in 2014 she famously drove from the UAE to KSA while filming her endeavour, which saw her imprisoned for 73 days after being stopped at the KSA border. The law was later overhauled four years later in 2018, allowing women to drive for the first time.

The three former NSA officers named in the lawsuit alongside the DarkMatter company are Marc Baier, Ryan Adams, and Daniel Gericke. The lawyers for all four defendants have been contacted for comment by IT Pro but did not respond. 

DarkMatter and the three former NSA officers are accused of exploiting a vulnerability in Apple's iMessage service which allowed the trained hackers to locate and monitor targets chosen by their clients, including al-Hathloul.

Related Resource

Bridging the DevSecOps divide: Spotlight on zero trust

Security at the forefront

Whitepaper title on a white page with a green trapezoid across the coverFree download

The trio named in the lawsuit, brought to them by al-Hathloul and the Electronic Frontier Foundation (EFF), have all previously admitted to violating computer fraud and abuse laws, as well as selling sensitive military technology, in a separate non-prosecution agreement with the US Department of Justice (DoJ) in September.

Al-Hathloul claims her phone was first hacked in 2017 which saw her texts, email messages, and real-time location data sent to DarkMatter and its client.

The lawsuit alleges DarkMatter intentionally directed code to Apple's US servers to place malware on al-Hathloul's phone, violating the Computer Fraud and Abuse Act (CFAA) in the process.

"Project Raven went beyond even the behaviour that we have seen from NSO Group, which has been caught repeatedly having sold software to authoritarian governments who use their tools to spy on journalists, activists, and dissidents," said Eva Galperin, cybersecurity director at EFF. "Dark Matter didn't merely provide the tools; they oversaw the surveillance program themselves."

The lawsuit seeks compensation and punitive damages against the three individuals and DarkMatter.

Featured Resources

How virtual desktop infrastructure enables digital transformation

Challenges and benefits of VDI

Free download

The Okta digital trust index

Exploring the human edge of trust

Free download

Optimising workload placement in your hybrid cloud

Deliver increased IT agility with the cloud

Free Download

Modernise endpoint protection and leave your legacy challenges behind

The risk of keeping your legacy endpoint security tools

Download now

Recommended

Senate report slams agencies for poor cyber security
cyber security

Senate report slams agencies for poor cyber security

3 Aug 2021
Most employees put their workplace at risk by taking cyber security shortcuts
cyber security

Most employees put their workplace at risk by taking cyber security shortcuts

27 Jul 2021
61% of organizations say improving security a top priority for 2021
cyber security

61% of organizations say improving security a top priority for 2021

29 Jun 2021
ProtectedBy.AI’s CodeLock blocks malware at source code level
software as a service (SaaS)

ProtectedBy.AI’s CodeLock blocks malware at source code level

9 Jun 2021

Most Popular

How to move Microsoft's Windows 11 from a hard drive to an SSD
Microsoft Windows

How to move Microsoft's Windows 11 from a hard drive to an SSD

4 Jan 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

6 Jan 2022
Microsoft Exchange servers break thanks to 'Y2K22' bug
email delivery

Microsoft Exchange servers break thanks to 'Y2K22' bug

4 Jan 2022