Updated: Jan 20
A team of former U.S. government intelligence operatives working for the United Arab Emirates hacked into the iPhones of activists, diplomats and rival foreign leaders with the help of a sophisticated spying tool called Karma, in a campaign that shows how potent cyber-weapons are proliferating beyond the world’s superpowers and into the hands of smaller nations.
The cyber tool allowed the small Gulf country to monitor hundreds of targets beginning in 2016, from the Emir of Qatar and a senior Turkish official to a Nobel Peace laureate human-rights activist in Yemen.
Karma was used by an offensive cyber operations unit in Abu Dhabi comprised of Emirati security officials and former American intelligence operatives working as contractors for the UAE’s intelligence services.
The operatives described Karma as a tool that could remotely grant access to iPhones simply by uploading phone numbers or email accounts into an automated targeting system. The tool has limits — it doesn’t work on Android devices. SecureCrypt only uses Android devices with the latest security updates, and industry leading security features that you can only get with a specialized secure, encrypted device.
In 2016 and 2017, Karma was used to obtain photos, emails, text messages and location information from targets’ iPhones. The technique also helped the hackers harvest saved passwords, which could be used for other intrusions.
It isn’t clear whether the Karma hack remains in use.
Tools like Karma, which can exploit hundreds of iPhones simultaneously, capturing their location data, photos and messages, are particularly sought-after.
If nation state leaders and diplomats can be compromised so easily; what does that mean for the everyday user of an iPhone?
Android devices offer the ability to modify and lock down a device right down to the kernel level, where iPhones used a closed operating system, unable to be modified which you would need to do in order to truly secure a device.
The announcement of Apple’s client side scanning further solidifies the need to move away from such closed devices. Apple is not interested in making the consumer secure, rather pleasing the governments that allow them to operate without paying enormous amounts of taxes.
If you are a government agency, an activist, a journalist, a lawyer with high profile clients, a doctor, a celebrity, or an individual working in a sensitive industry, you may become a target for hacking and spying.
You will never truly know that you are being spied on, the only way to truly protect yourself is to use a secure device offered by firms like SecureCrypt. The only aspect that we focus on is on security. Apple has to contend with consumer satisfaction and ease of use, where SecureCrypt focuses on keeping the user secure at all times. Devoid of free apps which harvest user data, (that data being then sold to data brokers) we keep you safe by giving you only the features needed to communicate securely with others.
Regular calls and SMS messages are not encrypted, thus leaving you wide open to such a long list of attacks, we cannot begin to list them all.
SecureCrypt offers true military grade, 512-bit ECC end-to-end encryption, and a secure operating system which makes it impossible to such attacks like the bypassing of encryption altogether, SMS attacks, SS7 attacks, MiTM attacks, cold boot attacks, and many others.
If you need true security, please contact us immediately so we can secure your communications.