Mozilla may strip off DarkMatter of certifications amid cyber espionage suspicions

0
326
Mozilla may strip off DarkMatter

Mozilla, the maker of internet browser Firefox, may block the services of the cybersecurity firm DarkMatter following the suspicions over a cyber espionage program. There are allegations that a secret hacking operation, codenamed Project Raven, has been carried out.

Mozilla, the maker of internet browser Firefox, may block the services of the cybersecurity firm DarkMatter following the suspicions over a cyber espionage program. According to the report published by Reuters, the United Arab Emirates-based firm gave a staff for carrying out a secret hacking operation, which was codenamed Project Raven. This program was said to be carried out on the behalf of Emirati intelligence agency. The staff consisted mainly of former U.S. intelligence officials who executed many cyber operations for the UAE government.

Former Raven operatives told Reuters that executives of DarkMatter were not aware of the secret operation, which was operated from a converted Abu Dhabi mansion. This operation included hacking into the official accounts of journalists, human right activists, and government officials, according to Reuters. However, DarkMatter denied all the accusations regarding this and outlined that the company is focused on offering security to computer networks.

DarkMatter has not responded to the request for comments on the matter. The Firefox maker Mozilla has been considering whether it should allow an authority to DarkMatter to certify websites as safe, according to the interview given to Reuters by two executives of Mozilla. The company has been considering the decision and will arrive at the final verdict within next few weeks.

Selena Deckelmann, a senior director of engineering for Mozilla, outlined that there is no technical evidence against DarkMatter regarding misuse of data. There is a strong probability that a strong evidence regarding misuse may appear in next few weeks. She added that the company has been deciding on restricting the authority of granting some or all of nearly 400 certifications by DarkMatter to websites.

Marshall Erwin, director of trust and security for Mozilla, stated the report by Reuters awakened a panic inside the company that the security firm might be utilizing the certification authority for “offensive cybersecurity purposes rather than the intended purpose of creating a more secure, trusted web.”

In a letter posted online to Mozilla on February 25, DarkMatter CEO Karim Sabbagh stated that the company has not been linked to the Project Raven. He wrote, “We have never, nor will we ever, operate or manage non-defensive cyber activities against any nationality.”

Selena Deckelmann outlined the Mozilla has concerns that DarkMatter may use the authority of certifications to provide certificates to hackers who intend to impersonate the real websites. DarkMatter, being a certification authority, is responsible partially for offering encryption between the approved websites and its users. If the encryptions are offered to bad actors, there would be interception of encrypted traffic. For instance, if the encryptions of bank website is offered, there would be unforeseen consequences in which users may lose their money and never be able to track where it went. The decision on authority to offer certifications would come in next few weeks.