DEA Looking To Buy More Malware From Shady Exploit Dealers
from the ends-and-something-about-means dept
The DEA -- like other federal agencies involved in surveillance -- buys and deploys malware and exploits. However, it seems to do better than most at picking out the sketchiest malware purveyors to work with.
When Italian exploit retailer Hacking Team found itself hacked, obtained emails showed the company liked to route around export bans through middlemen to bring the latest in surveillance malware to UN-blacklisted countries with horrendous human rights records. It also, apparently, sold its wares to the DEA -- an agency in a country with only periodic episodes of horrendous human rights violations.
Maybe there's a shortage of exploit sellers, but it would be nice to see a US agency be a bit more selective about who it buys from, rather than jumping into the customer pool with Saudi Arabia, Sudan, and Egypt. But the DEA has done it again. Emails obtained via FOIA by Motherboard show the DEA attempting to get in bed with another questionable malware purveyor.
The Drug Enforcement Administration held a meeting with the US sales arm of NSO Group, a controversial malware company whose products can remotely siphon data from iPhones and other devices, according to internal DEA emails obtained by Motherboard.
The news highlights law enforcement agencies' increased interest in using hacking tools and malware, as well as NSO's efforts to enter the lucrative US market.
The problems with NSO are multitudinous. Not only have its iPhone zero-days been used to target a dissident in the United Arab Emirates, but the Mexican government apparently deployed NSO malware on several occasions, each time with highly questionable targets.
Privacy International has uncovered NSO malware in operation in Mexico, targeting journalists, lawyers, soda tax supporters [?!]... even children. Some of the targets were investigating government corruption. Others were investigating the mass disappearance of 43 schoolchildren from Iguala, Mexico. The deployment methods were at least as troubling as the demographics of those targeted.
The targets received SMS messages that included links to NSO exploits paired with troubling personal and sexual taunts, messages impersonating official communications by the Embassy of the United States in Mexico, fake AMBER Alerts, warnings of kidnappings, and other threats. The operation also included more mundane tactics, such as messages sending fake bills for phone services and sex-lines. Some targets only received a handful of texts, while others were barraged with dozens of messages over more than one and a half years.
This is what governments are doing with NSO's malware. Certainly NSO can't be expected to prevent end users from using its malware for evil, but it could be more selective about who it sells to. Perhaps the pitch to the DEA was viewed as a step towards legitimacy. But the DEA entertaining offers from NSO should be viewed as a step backwards for an agency that already has a few issues with its malware deployment.
Joseph Cox of Motherboard makes it clear the obtained emails don't show any purchases from NSO. But they do show the agency is interested in its wares. The lack of concern about the source is par for the course. The DEA can't seem to find the time to deliver required Privacy Impact Assessments for its malware/exploit deployment and routinely thwarts its oversight. Buying from shady dealers is just another component of the DEA way.
Filed Under: dea, exploits, hacking, malware, vulnerabilities
Reader Comments
That's the only justification that has to be offered up to anyone questioning them. Drugs are bad mmmmkay, so we need to ignore the business practices of those we purchase from, so what if they are violating UN rules those are mainly guidelines.
Of course most of this malware isn't actually needed, it just makes sure the budget stays big.
In an alternate dimension where logic and reason win, they don't spend $150K to tap the iPhone of a pot dealer, because pot is legal & regulated. They focus more on big concerns & there is plenty of money to help addicts deal with their addiction rather than throwing them in jail or into the field as CI's of questionable worth who use their pay to purchase more drugs.
Of course they will NEVER use this improperly, despite the 1000's of cases of LEO's abusing tools of the trade to spy on former flames & hassle rival suitors.
They tap all the data moving in and out of the country as is, and offer few safeguards (that they promptly work around) about its use... why waste more money funding bad actors who develop tools used by the worst of the worst to abuse citizens we allegedly care about.
[ link to this | view in chronology ]
Re:
In an alternate dimension where logic and reason win, they don't spend $150K to tap the iPhone of a pot dealer, because pot is legal & regulated.
Despite some recent nut-case roadblocks being thrown up, that alternate dimension is starting to bleed into our reality... and the DEA is, I'm sure, completely aware of it. Like any of the shadier dealers who know when their market is drying up, they're simply pulling an Exit Scam.
[ link to this | view in chronology ]
Re:
You forgot the most important target... bloggers who irritate them with posts about how they're failing to protect and serve.
[ link to this | view in chronology ]
Just because it is a computer connected to the Internet does not make it any less somebody's private property.
[ link to this | view in chronology ]
Re:
Yes, they are also allowed to manufacture evidence and lie during court. No, the 4th does not matter, it has not for a long time unless you have the money/power to fight back.
"If not, why are they allowed to break into a computer without a warrant?"
Because we fellow citizens are too busy fighting each other to realize that government corruption is far more important than the petty issues we currently fight over. As a politician, I am only going to tell you what you need to hear to get you to vote for me. If you think I am going to do what is best for you, then great, my lies suckered you. I will tell you that I am tough on crime, and you like it. I will tell you that I care for your BLM cause, but my administration will not prosecute out of control law enforcement when they breach the constitution, but I am going to pay a whole lotta lip service to it because that shuts you up.
"Just because it is a computer connected to the Internet does not make it any less somebody's private property."
You don't own any piece of software that makes that machine work, someone else does, 3rd party doctrine clearly dictates that we only need their permission via NSL to get your data.
We are the government, you are at a disadvantage because you don't know your rights and we convinced you, your parents, your grandparents, and even your great grandparents to give them up. We and several other fellow citizens that we have suckered too, that your interpretation of a clear as day document does not mean what YOU think it means. It means what we want it to mean when we need it to mean that, and the courts agree.
Have a nice day citizen and mind your p's and q's... or else!
[ link to this | view in chronology ]
Contamination through proximity
[ link to this | view in chronology ]
I can see maybe not wanting to sell to North Korea, or a country that we are banned from selling software to, but are there any current restrictions about selling to the Mexican government?
"Perhaps the pitch to the DEA was viewed as a step towards legitimacy."
Actually, I think they may be worse than selling to the Mexican government.
[ link to this | view in chronology ]
"Selective"??????
To heck with that.
Selling exploits and malware is out of bounds, period. It doesn't matter who you sell them to. These people need to get real jobs.
[ link to this | view in chronology ]
Ummm, so that is a troubling topic for it to be deployed for Tim?
[ link to this | view in chronology ]
Re: Re: Re:
That is unclear?
[ link to this | view in chronology ]
Give us a back door,
[ link to this | view in chronology ]