The device was mostly comprised of former US intelligence officers who conducted offensive cyber operations for the UAE authorities.
Former Raven operatives told Reuters that most DarkMatter executives were unaware of the secretive program, which operated from a converted Abu Dhabi mansion from DarkMatter’s headquarters.
Those operations included hacking to the net accounts of human rights activists, officials and journalists from rival governments, Reuters found. DarkMatter has denied conducting the surgeries and says it focuses on protecting computer networks.
While Mozilla was contemplating whether to grant DarkMatter the authority to certify websites as secure, two Mozilla executives said in an interview last week that Reuters’ report raised concerns regarding whether DarkMatter would misuse that authority.
Mozilla said the firm has not yet come to some determination on whether to refuse the authority to DarkMatter, however, expects to decide within weeks.
“We don’t now have technical proof of abuse (from DarkMatter) however, the reporting is strong evidence that abuse is likely to happen later on if it hasn’t already,” said Selena Deckelmann, a senior director of engineering for Mozilla.
She said Mozilla was also considering stripping some or all of the over 400 certificates that DarkMatter has given to websites under a restricted authority since 2017.
Marshall Erwin, manager of security and trust to Mozilla, said the Reuters Jan. 30 report had increased concerns inside the company which DarkMatter might use Mozilla’s certificate authority for”offensive cyber-security functions rather than the intended purpose of creating a more secure, reliable web.”
DarkMatter did not respond to a Reuters request for comment.
In a February 25 letter to Mozilla, posted on line by the cyber-security firm, DarkMatter CEO Karim Sabbagh denied the Reuters report linking his company to Project Raven. “We’ve never, nor will we , operate or handle non-defensive cyber actions against any nationality,” Sabbagh wrote.
Websites that want to get designated as secure have to be certified by an outside company, which will confirm their identity and vouch for their security. The certifying organization helps secure the link between an approved website and its customers, promising the traffic won’t be intercepted.
Organizations who want to become certifiers need to employ to individual browser makers like Mozilla and Apple. Mozilla is seen by security experts as a respected leader in the field and especially transparent because it conducts much of the process in public, submitting the documentation it receives and soliciting comments from internet users prior to making a final decision.
DarkMatter was pushing Mozilla for full authority to grant certificates since 2017, the browser maker told Reuters. This would require it to a new level, making it among fewer than 60 heart gatekeepers for its countless millions of Firefox users round the world.
Deckelmann stated Mozilla is concerned that DarkMatter could utilize the authority to issue certificates to hackers impersonating actual sites, like banks.
As a certificate authority, DarkMatter will be partly responsible for encryption between websites they approve and their users.
In the incorrect hands, the certificate role could allow the interception of encrypted traffic, security specialists say.
In the past Mozilla has relied exclusively on technical issues when determining whether to trust a company with certification authority.
“You examine the details of the subject, the sources that came out, it’s a persuasive case,” explained Deckelmann.