By a Biometrica staffer
Three former U.S. intelligence officers have agreed to pay more than $1.6 million to resolve federal charges of conspiring to violate hacking laws, the Justice Department announced on Sept. 14.
Marc Baier, Ryan Adams, and Daniel Gericke worked for the United Arab Emirates and faced federal charges of conspiring to violate hacking laws. The trio entered into a deferred prosecution agreement (DPA) that restricts their future activities and employment.
According to court documents, the defendants worked as senior managers at a UAE-based company (U.A.E. CO) that supported and carried out computer network exploitation operations or hacking for the benefit of the UAE government between 2016 and 2019.
The services they rendered included the provision of support, direction, and supervision in the creation of sophisticated “zero-click” computer hacking and intelligence gathering systems — i.e., one that could compromise a device without any action taken by the target.
These zero-click exploits were leveraged to illegally obtain and use access credentials for online accounts issued by U.S. companies, and to obtain unauthorized access to computers and mobile phones around the world, including in the United States.
“This agreement is the first-of-its-kind resolution of an investigation into two distinct types of criminal activity: providing unlicensed export-controlled defense services in support of computer network exploitation, and a commercial company creating, supporting and operating systems specifically designed to allow others to access data without authorization from computers worldwide, including in the United States,” said Acting Assistant Attorney General Mark J. Lesko for the Justice Department’s National Security Division. “Hackers-for-hire and those who otherwise support such activities in violation of U.S. law should fully expect to be prosecuted for their criminal conduct.”
“The Bureau’s dedication to justice is commendable, and I have the utmost respect for the agents assigned to this case,” Lori Stroud, a former NSA analyst who worked on Project Raven (the secret unit that worked for the UAE) and then acted as a whistleblower, was quoted as saying by NBC News. “However, the most significant catalyst to bringing this issue to light was investigative journalism — the timely, technical information reported created the awareness and momentum to ensure justice.”
Meanwhile, in Miami, Mohammad Faghihi, his wife Farzeneh Modarresi, and his sister Faezeh Faghihi were charged in federal district court with crimes related to their alleged violations of U.S. sanctions on Iran, as well as on money laundering. The three operated the Florida-based company Express Gene, which, between October 2016 and November 2020, received numerous wire transfers from accounts in Malaysia, the People’s Republic of China, Singapore, Turkey, and the UAE, totaling almost $3.5 million, the Justice Department has said.
It is alleged that some of these funds were used to buy gene sequencing equipment and ship this to Iran without requisite permissions. On Feb. 20, Faghihi arrived at Miami International Airport from Iran, where he was inspected by Customs and Border Protection (CBP) officers. His luggage contained 17 vials of unknown biological substances covered with ice packs and concealed beneath bread and other food items.
According to the charging documents, Faghihi made false statements, including that he did not practice his profession in Iran or conduct any type of research in Iran.
In fact, Faghihi was the director of a laboratory within Shiraz University of Medical Science in Iran, which also bears his name: “Dr. Faghihi’s Medical Genetic Center.”
All defendants are charged with conspiring to commit an offense against the United States and conspiring to commit money laundering. Faghihi and Modarresi are additionally charged with the unlawful exports of goods to Iran, and smuggling goods out of the United States.
In a separate action, Mehrdad Ansari, an Iranian national, was sentenced to 63 months in prison for illegally exporting military sensitive items. Ansari, a resident of the UAE and Germany, was convicted by a federal jury in May 2021 for his role in a scheme to obtain military sensitive parts for Iran in violation of the Iranian trade embargo.
Ansari obtained parts that had dual-use military and civilian capability and that could be used in such systems as nuclear weapons, missile guidance and development, secure tactical radio communications, offensive electronic warfare, military electronic countermeasures (radio jamming), and radar warning and surveillance systems.
Taiwanese citizen Susan Yip, aka Susan Yeh, and Iranian citizen Mehrdad Foomanie, aka Frank Foomanie, the co-defendants in this case, obtained over 105,000 parts valued at approximately $2.6 million, involving more than 1,250 transactions.