Back in January this year, Reuters in an investigative piece shared that DarkMatter was providing staff for a secret hacking operation called Project Raven. After reading this report, Mozilla is now thinking whether it should block DarkMatter from serving as one of its internet security providers.
The unit working for Project Raven were mostly former US intelligence officials, who were allegedly conducting privacy-threatening operations for the UAE government. The team behind this project was working in a converted mansion in Abu Dhabi, which they called “the Villa”. These operations included hacking accounts of human rights activists, journalists, and officials from rival governments.
On February 25, DarkMatter in a letter addressed to Mozilla, CEO Karim Sabbagh denied all the allegations reported by Reuters and refused that it has anything to do with Project Raven. Sabbagh wrote in the letter, “We have never, nor will we ever, operate or manage non-defensive cyber activities against any nationality.”
Mozilla’s response to the Reuter report
In an interview last week, Mozilla executive said that Reuter’s report has raised concerns inside the company about DarkMatter misusing its authority to certify websites as safe. Mozilla is yet to decide whether they should deny DarkMatter from this authority. Selena Deckelmann, a senior director of engineering for Mozilla, “We don’t currently have technical evidence of misuse (by DarkMatter) but the reporting is strong evidence that misuse is likely to occur in the future if it hasn’t already.”
Deckelmann further shared that Mozilla is also concerned about the certifications DarkMatter has granted and may strip some or all of the 400 certifications that DarkMatter has granted to websites under a limited authority since 2017. Marshall Erwin, director of trust and security for Mozilla, said that DarkMatter could use its authority for “offensive cybersecurity purposes rather than the intended purpose of creating a more secure, trusted web.”
A website is designated as secure if it is certified by an external authorized organization called Certification Authority (CA). This certifying organization is also responsible for securing the connection between an approved website and its users. To get this authority, these organizations need to apply to individual browser makers like Mozilla and Apple.
DarkMatter has been threatening Mozilla to gain full authority to grant certifications since 2017. Giving it a full authority will allow them to issue certificates to hackers impersonating real websites, including banks.
DarkMatter are making personal attacks and legal threats on the Mozilla mailing list in an attempt to become a root CA (one of their clients is UAE signals intelligence agency). pic.twitter.com/tWZWJ4mekv
— 🦀 Kevin Beaumont 🐝 (@GossiTheDog) March 7, 2019
To know more about this news in detail, read the full story at Reuters’ official website.
Read Next
Mozilla engineer shares the implications of rewriting browser internals in Rust
