Nepal | June 05, 2020

Firefox maker fears DarkMatter ‘misuse’ of browser for hacking

Share Now:
Firefox Logo

The Firefox logo is seen at a Mozilla stand during the Mobile World Congress in Barcelona, February 28, 2013. Photo: Reuters/File

WASHINGTON: Firefox browser-maker Mozilla is considering whether to block cyber security company DarkMatter from serving as one of its internet security gatekeepers after a Reuters report linked the United Arab Emirates-based firm to a cyber espionage program.

Reuters reported in January that DarkMatter provided staff for a secret hacking operation, code named Project Raven, on behalf of an Emirati intelligence agency. The unit was largely comprised of former US intelligence officials who conducted offensive cyber operations for the UAE government.

Former Raven operatives told Reuters that many DarkMatter executives were unaware of the secretive program, which operated from a converted Abu Dhabi mansion away from DarkMatter’s headquarters.

Those operations included hacking into the internet accounts of human rights activists, journalists and officials from rival governments, Reuters found. DarkMatter has denied conducting the operations and says it focuses on protecting computer networks.

While Mozilla had been considering whether to grant DarkMatter the authority to certify websites as safe, two Mozilla executives said in an interview last week that Reuters’ report raised concerns about whether DarkMatter would abuse that authority.

Mozilla said the company has not yet come to a decision on whether to deny the authority to DarkMatter, but expects to decide within weeks.

“We don’t currently have technical evidence of misuse (by DarkMatter) but the reporting is strong evidence that misuse is likely to occur in the future if it hasn’t already,” said Selena Deckelmann, a senior director of engineering for Mozilla.

She said Mozilla was also considering stripping some or all of the more than 400 certifications that DarkMatter has granted to websites under a limited authority since 2017.

Marshall Erwin, director of trust and security for Mozilla, said the Reuters January 30 report had raised concerns inside the company that DarkMatter might use Mozilla’s certification authority for “offensive cyber security purposes rather than the intended purpose of creating a more secure, trusted web.”

DarkMatter did not respond to a Reuters request for comment. The UAE embassy in Washington also did not respond to a request for comment.

In a February 25 letter to Mozilla, posted online by the cyber security company, DarkMatter CEO Karim Sabbagh denied the Reuters report linking his company to Project Raven. “We have never, nor will we ever, operate or manage non-defensive cyber activities against any nationality,” Sabbagh wrote.

Websites that want to be designated as secure have to be certified by an outside organisation, which will confirm their identity and vouch for their security. The certifying organisation also helps secure the connection between an approved website and its users, promising the traffic will not be intercepted.

Organisations that want to become certifiers must apply to individual browser makers like Mozilla and Apple. Mozilla is seen by security experts as a respected leader in the field and particularly transparent because it conducts much of the process in public, posting the documentation it receives and soliciting comments from internet users before making a final decision.

DarkMatter has been pushing Mozilla for full authority to grant certifications since 2017, the browser maker told Reuters. That would take it to a new level, making it one of fewer than 60 core gatekeepers for the hundreds of millions of Firefox users around the world.

Deckelmann said Mozilla is worried that DarkMatter could use the authority to issue certificates to hackers impersonating real websites, like banks.

As a certification authority, DarkMatter would be partially responsible for encryption between websites they approve and their users.

In the wrong hands, the certification role could allow the interception of encrypted web traffic, security experts say.

In the past Mozilla has relied exclusively on technical issues when deciding whether to trust a company with certification authority.

The Reuters investigation has led it to reconsider its policy for approving applicants. “You look at the facts of the matter, the sources that came out, it’s a compelling case,” said Deckelmann.

Follow The Himalayan Times on Twitter and Facebook

Recommended Stories:

More from The Himalayan Times:

Traders defy lockdown as patience runs thin in Nepal

Durbar Marg shops to open from today Other traders, businesses also defiant KATHMANDU, JUNE 3 With no end in sight to the nationwide lockdown imposed on March 24 that has effectively halted all economic activities for the past two-and-a-half months, traders, firms and industries have be Read More...

Mahakali Hospital isolation ward filled with COVID-19 patients

KANCHANPUR: At least fifteen COVID-19 patients have been admitted to the isolation ward of Mahakali Hospital in Bhimdattanagar Municipality, Kanchanpur district. The isolation ward has a capacity of 20 beds. The hospital has started treatment of COVID-19 since Tuesday. Seven persons — reside Read More...

The office of the prime minister and council of ministers, OPMCM

Evacuation of Nepalis likely to begin Friday

KATHMANDU, JUNE 3 After the plan to evacuate stranded Nepali citizens from several countries was approved by the Cabinet a few days ago, the government is gearing up to bring them home on priority basis from Friday. Narayan Bidari, secretary at the Office of the Prime Minister and Council of M Read More...

Home isolation for asymptomatic, mild Covid cases

KATHMANDU, JUNE 3 The Ministry of Health and Population has directed hospitals to send home patients infected with the novel coronavirus who show mild or no symptom of the disease so that hospitals can treat severe cases of COVID-19. Hospitals treating COVID-19 patients have also been told to Read More...

Nepal govt may declare state of public health emergency as coronavirus cases rise steadily

KATHMANDU: The Ministry of Health and Population is mulling over proposing to the Council of Ministers to declare state of public health emergency in the country following a surge in the number of COVID-19 cases in the country. Section 48 (2) of the Public Health Service Act states that if public Read More...

COVID-19 curve flattening in Narainapur

NEPALGUNJ, JUNE 3 The COVID-19 spread seems to have come under control in Narainapur Rural Municipality, Banke, which had emerged as a coronavirus hotspot after a number of people tested positive for the virus here earlier. According to the district’s corona focal person Naresh Shrestha, it Read More...

Frontline workers to get hazard allowance

KATHMANDU, JUNE 3 The Government of Nepal has published ‘Hazard Allowance Management Order for Human Resources Involved in the Treatment of COVID-19 Infection’ in Nepal Gazette for its implementation. The order aims to provide hazard allowance to the human resources involved in the identif Read More...

Kathmandu Medical College sealed

KATHMANDU, JUNE 3 Kathmandu Medical College Teaching Hospital in Sinamangal has been shut for an indefinite period after two of its health workers contracted COVID-19. The hospital’s Medical Director Dr Mukunda Raj Joshi issuing a notice today, informed that the hospital would be closed for Read More...