We've heard extensively about the ways in which governments and intelligence agencies around the world use powerful technology to hack into the phones of everyone from suspected terrorists to activists, human rights campaigners and journalists. But just as interesting is a phenomenon in the private sector that has exploded in
We've heard extensively about the ways in which governments and intelligence agencies around the world use powerful technology to hack into the phones of everyone from suspected terrorists to activists, human rights campaigners and journalists. But just as interesting is a phenomenon in the private sector that has exploded in recent years.
It goes something like this: two sides get into a dispute. Then magically the private messages and documents of one party end up on the internet. By sheer accident, lawyers for one party stumble onto the e-mails and realize they're relevant to the dispute at hand. They then submit these miraculous materials as evidence in the dispute. What amazing timing... The term for this odd phenomena is "hack and leak" or "hack and dump."
One of my all-time favorite investigations at the Wall Street Journal included a for-profit hacking allegation at Softbank. Read it here (so I don't have to repeat dozens of allegedlys and declined to comments -- a PDF copy here).
Last weekend, an in-depth NYTimes story by Barry Meier and Karan Deep Singh highlighted another fascinating case involving the tiny sheikhdom of Ras Al Khaimah in the United Arab Emirates, a Iran-contra bold name, and a group of lawyers and private investigators around the world. Long story short, the rulers of RAK got into a dispute with advisors working with its sovereign fund and the two sides went to legal war. At one point in the battle, the entire e-mail history of one of the key characters – a man called Farhad Azima – ended up on the internet.
This is a relatively obscure case for anyone to follow, except for those who enjoy the tangled narrative and the implications that some of the actions there relate to an even more turgid scandal in the UK around the company ENRC. Read Kleptopia by FT journalist Tom Burgis to get insights into that saga.
A FAR MORE INTERESTING AND MEANINGFUL CASE about for-profit hacking has been simmering just below the surface for the better part of two years. It has the potential to blow the lid off all kinds of for-profit hacking – including from individuals and companies that might otherwise be described as respectable. This case has the potential to be the Rosetta Stone of for-profit hacking, revealing the ways in which global disputes are being waged partly in the cyber underworld. This is the case of Aviram Azari, an Israeli former police officer whom the Department of Justice describes as a critical intermediary between private clients and hackers for hire.
Whale Hunting is FREE if you subscribe. If you want to support what we're doing please feel free to opt for the paid subscription.
Azari was arrested by the FBI soon after landing on a flight from Israel to Florida on September 29, 2019. Ever since, he's been held in "The Tombs" in Manhattan - the same jail where Jeffrey Epstein committed suicide. (Read the full indictment here). Azari pled not guilty and is awaiting a trial.
What makes Azari such an appealing window into this world is that he allegedly conducted all his affairs from an open e-mail account using a US server, so the FBI and prosecutors have access to terabytes of information over years about this business. They also have two iPhones he arrived with in the United States, according to the court documents.
The indictment reveals some choice nuggets, such as how two co-conspirators first wrote him in November 2014 with a very candid message – they "have a team of Email Penetration Experts, sophisticated developers for extracting files" and that they were hoping "we can make some money working together." There's screenshots of hacked accounts and what appears to be evidence of dozens and dozens of alleged hacker-for-hire cases.
The NYTimes revealed in June 2020 that one of the targets of the hacker-for-hire campaigns were environmental groups. Citizen Lab, which does some of the most meaningful research into the ways computer hacking is used against civil society, journalists and others, discovered the efforts against the environmental groups and revealed the alleged role of an Indian computer group (who had previously described themselves as "ethical hackers").
“In our investigation, we determined that hiring hackers may be a relatively common practice for many private investigators,” said John Scott-Railton, the report’s lead author. “The sheer scale of it is remarkable to us.”
As investigators dig deeper and follow the money flows, what we suspect will be revealed is an interconnected web of lawyers, hackers, investigators and prominent companies and people in disputes. There's a good chance that Azari's e-mails (and the knowledge locked in his head) are the connective fiber between many of these parties. How this shakes out will be extraordinarily interesting and give important context to some of the great news stories and lawsuits of the last few years where mysteriously appearing e-mails played a star role.
It might also give insight into all kinds of recent cyber warfare, including the well-funded battle between the oil-rich Gulf states that veered into attacks on politically-connected people like Elliott Broidy.
If hacked e-mails have important news-worthy material, I'm in favor of journalists reporting on them. But the context of how those people came to have their e-mails leaked is also important to know. Even more important is finding ways to protect yourself against them. Governments may be targeting journalists and activists, as we've seen in the Pegasus reporting project, but private companies and wealthy individuals have access to similarly worrying tools.
Check out Project Brazen's new podcast FAT LEONARD about the craziest, most alarming national security and corruption scandal in recent US military history. Hear from Leonard Glenn Francis himself on how he corrupted scores of sailors, including admirals, and from the woman who helped bring his empire down after her husband joined Leonard's Goodfellas-esque gang of corrupt officers. Episodes 1-5 are out; the remaining five episodes will come out every Tuesday until the end of November.
The latest episode (5) is all about Marcy Misiewicz, the unlikely heroine of the FAT LEONARD scandal depicted below by our good friend and amazing artist Sonny Liew.
This is the second edition of WHALE HUNTING, our weekly newsletter delving into the secret worlds of money and power that Tom and I became obsessed with during our multi-year investigation into the globe-sprawling 1MDB scandal. That project changed our entire worldview. We wrote a book about it.
Uncovering that scandal felt a bit like taking the red pill and suddenly seeing a hidden dimension all around where little-known characters and their associates are actually pulling the strings. The richest and most dangerous people in the world are largely unknown to the public (they certainly aren't featured on the annual Forbes rich list).
Jho Low, the fraudster who orchestrated the $6 billion theft from 1MDB and is still at large, was the ultimate whale. The term comes from nightclubs and casinos, who use it as a codeword for big spenders. Our use of the term is broader. The whales are the people, usually armed with extraordinary amounts of money, that play a larger role in global affairs than their public profile might suggest. Sometimes they're a public figure doing unexpected things behind the scenes. Understanding who they are and what they're up to is an eye-opening experience that will change how you interpret the daily news.
Tom and I were long-time reporters for the Wall Street Journal before setting off on our own earlier this year to create Project Brazen, a journalism studio and production company. We're creating books, podcasts and documentaries, and we'll share behind-the-scenes insights into the characters and stories we find along the way.
Get in touch with us: email@example.com and firstname.lastname@example.org
You can also follow Whale Hunting on Twitter.