DEA Looking To Buy More Malware From Shady Exploit Dealers

from the ends-and-something-about-means dept

The DEA — like other federal agencies involved in surveillance — buys and deploys malware and exploits. However, it seems to do better than most at picking out the sketchiest malware purveyors to work with.

When Italian exploit retailer Hacking Team found itself hacked, obtained emails showed the company liked to route around export bans through middlemen to bring the latest in surveillance malware to UN-blacklisted countries with horrendous human rights records. It also, apparently, sold its wares to the DEA — an agency in a country with only periodic episodes of horrendous human rights violations.

Maybe there’s a shortage of exploit sellers, but it would be nice to see a US agency be a bit more selective about who it buys from, rather than jumping into the customer pool with Saudi Arabia, Sudan, and Egypt. But the DEA has done it again. Emails obtained via FOIA by Motherboard show the DEA attempting to get in bed with another questionable malware purveyor.

The Drug Enforcement Administration held a meeting with the US sales arm of NSO Group, a controversial malware company whose products can remotely siphon data from iPhones and other devices, according to internal DEA emails obtained by Motherboard.

The news highlights law enforcement agencies’ increased interest in using hacking tools and malware, as well as NSO’s efforts to enter the lucrative US market.

The problems with NSO are multitudinous. Not only have its iPhone zero-days been used to target a dissident in the United Arab Emirates, but the Mexican government apparently deployed NSO malware on several occasions, each time with highly questionable targets.

Privacy International has uncovered NSO malware in operation in Mexico, targeting journalists, lawyers, soda tax supporters [?!]… even children. Some of the targets were investigating government corruption. Others were investigating the mass disappearance of 43 schoolchildren from Iguala, Mexico. The deployment methods were at least as troubling as the demographics of those targeted.

The targets received SMS messages that included links to NSO exploits paired with troubling personal and sexual taunts, messages impersonating official communications by the Embassy of the United States in Mexico, fake AMBER Alerts, warnings of kidnappings, and other threats. The operation also included more mundane tactics, such as messages sending fake bills for phone services and sex-lines. Some targets only received a handful of texts, while others were barraged with dozens of messages over more than one and a half years.

This is what governments are doing with NSO’s malware. Certainly NSO can’t be expected to prevent end users from using its malware for evil, but it could be more selective about who it sells to. Perhaps the pitch to the DEA was viewed as a step towards legitimacy. But the DEA entertaining offers from NSO should be viewed as a step backwards for an agency that already has a few issues with its malware deployment.

Joseph Cox of Motherboard makes it clear the obtained emails don’t show any purchases from NSO. But they do show the agency is interested in its wares. The lack of concern about the source is par for the course. The DEA can’t seem to find the time to deliver required Privacy Impact Assessments for its malware/exploit deployment and routinely thwarts its oversight. Buying from shady dealers is just another component of the DEA way.


Comments on “DEA Looking To Buy More Malware From Shady Exploit Dealers”

That Anonymous Coward (profile) says:

Because Drugs!!!!!!!!!!!!

That’s the only justification that has to be offered up to anyone questioning them. Drugs are bad mmmmkay, so we need to ignore the business practices of those we purchase from, so what if they are violating UN rules those are mainly guidelines.

Of course most of this malware isn’t actually needed, it just makes sure the budget stays big.

In an alternate dimension where logic and reason win, they don’t spend $150K to tap the iPhone of a pot dealer, because pot is legal & regulated. They focus more on big concerns & there is plenty of money to help addicts deal with their addiction rather than throwing them in jail or into the field as CI’s of questionable worth who use their pay to purchase more drugs.

Of course they will NEVER use this improperly, despite the 1000’s of cases of LEO’s abusing tools of the trade to spy on former flames & hassle rival suitors.

They tap all the data moving in and out of the country as is, and offer few safeguards (that they promptly work around) about its use… why waste more money funding bad actors who develop tools used by the worst of the worst to abuse citizens we allegedly care about.

Anonymous Coward says:

Re: Re:

In an alternate dimension where logic and reason win, they don’t spend $150K to tap the iPhone of a pot dealer, because pot is legal & regulated.

Despite some recent nut-case roadblocks being thrown up, that alternate dimension is starting to bleed into our reality… and the DEA is, I’m sure, completely aware of it. Like any of the shadier dealers who know when their market is drying up, they’re simply pulling an Exit Scam.

Anonymous Coward says:

Re: Re:

“Are the DEA, or other law enforcement agencies allowed to break into a house or safe without a warrant?”

Yes, they are also allowed to manufacture evidence and lie during court. No the 4th does not matter, it has not for a long time unless you have the money/power to fight back.

“If not, why are they allowed to break into a computer without a warrant?”

Because we fellow citizens are too busy fighting each other than realizing government corruption is far more important than the petty issues we currently fight over. As a politician, I am only going to tell you what you need to hear to get you to vote for me. If you think I am going to do what is best for you, then great, my lies suckered you. I will tell you that I am tough on crime, and you like it. I will tell you that I care for your BLM cause, but my administration will not prosecute out of control law enforcement when they breach the constitution, but I am going to pay a whole lotta lip service to it because that shuts you up.

“Just because it is a computer connected to the Internet does not make it any less somebody’s private property.”

You don’t own any piece of software that makes that machine work, someone else does, 3rd party doctrine clearly dictates that we only need their permission via NSL to get your data.

We are the government, you are at a disadvantage because you don’t know your rights and we convinced you, your parents, your grandparents, and even your great grandparents to give them up. We and several other fellow citizens that we have suckered too, that your interpretation of a clear as day document does not mean what YOU think it means. It means what we want it to mean when we need it to mean that, and the courts agree.

Have a nice day citizen and mind your p’s and q’s… or else!

Michael (profile) says:

“Certainly NSO can’t be expected to prevent end users from using its malware for evil, but it could be more selective about who it sells to.”

I can see maybe not wanting to sell to North Korea, or a country that we are banned from selling software to, but are there any current restrictions about selling to the Mexican government?

“Perhaps the pitch to the DEA was viewed as a step towards legitimacy.”

Actually, I think they may be worse than selling to the Mexican government.

Anonymous Coward says:

How different this is compared to how Marcus Hutchins (famous for accidentally stopping the WannaCry attack) is being treated. They can openly buy and use malware, he is arrested and jailed for stopping one form of it! Seems like, as usual, law enforcement can do what they like but others can’t, even when they stop an exploit and save an industry money and embarrassment.
