IN JULY, SIMONE Margaritelli, an Italian security researcher, boarded a Boeing 777 in Rome headed for Dubai, a city now billing itself as a tech startup hub.
He had a big job interview with a new, well-funded cybersecurity company called DarkMatter, whose self-described mission is to “safeguard the most complex organizations,” from government to the private sector, by preventing and fighting malicious cyberattacks and providing secure methods of communication — defensive cybersecurity, rather than offensive, which involves breaking into online systems and devices for espionage or destruction.
A friend of a friend had recommended Margaritelli, who was invited to spend five days in the United Arab Emirates at the company’s expense to learn more about the job. When he arrived in Dubai, the City of Gold, he found a full schedule of outings and a deluxe suite at the Jannah Marina Bay Suites hotel.
Margaritelli used to be a “blackhat” — a hacker looking to break into electronic systems. Now he works for a mobile security firm called Zimperium, where he still hunts for security flaws but does so to help people fix them. I “break stuff to make the world a safer place,” his website reads. He’s most well known for a portable tool he developed called Bettercap, used to perform a man-in-the-middle attack, where a hacker can eavesdrop or sometimes alter private communications between individuals.
When he arrived at the 29th floor of the Marina Plaza for his interview, the company representative described a plan to deploy electronic probes all over major cities in the UAE, which a team of hackers would then break into, guaranteeing access for DarkMatter and its customer — the Emirati government. The mission would be for the “exclusive” benefit of national security, Margaritelli was told. “Imagine that there’s a person of interest at the Dubai Mall, we’ve already set up all our probes all over the city, we press a button and BOOM! All the devices in the mall are infected and traceable,” Margaritelli wrote in a blog post recounting his experience.
Margaritelli declined to pursue the job offer. After his post, titled “How the United Arab Emirates Intelligence Tried to Hire Me to Spy on Its People,” began circulating, DarkMatter issued a single terseTwitter reply. The company said it preferred “talking reality & not fantasy.”
“No one from DarkMatter or its subsidiaries have ever interviewed Mr. Margaritelli,” Kevin Healy, director of communications for DarkMatter, wrote in an email to The Intercept. The man Margaritelli says interviewed him, Healy continued, was only an advisory consultant to DarkMatter — and that relationship has since ended (though several sources say he was employed by the company and had a DarkMatter email address).
“While we respect an author’s right to express a personal opinion, we do not view the content in question as credible, and therefore have no further comment,” Healy wrote.
DarkMatter denied outright Margaritelli’s assertions that it was recruiting hackers to research offensive security techniques. “Neither DarkMatter – nor any subsidiary, subset, research wing, or advisory department—engage in the activities described,” Healy wrote. “We conduct rigorous testing on all our products to ensure they do not include any vulnerabilities.”
Indeed, the idea of a UAE-based company recruiting an army of cyberwarriors from abroad to conduct mass surveillance aimed at the country’s own citizens may sound like something out of a bad Bond movie, but based on several months of interviews and research conducted by The Intercept, it appears DarkMatter has been doing precisely that.
Most of those who spoke with The Intercept asked to remain anonymous, citing nondisclosure agreements, fear of potential political persecution in the UAE, professional reprisals, and loss of current and future employment opportunities. Those quoted anonymously were speaking about events based on their direct experience with DarkMatter.
Margaritelli isn’t the only one who insists that DarkMatter isn’t being truthful about its operations and recruitment. More than five sources with knowledge of different parts of the company told The Intercept that sometime after its public debut last November, DarkMatter or a subsidiary began aggressively seeking skilled hackers, including some from the United States, to help it accomplish a wide range of offensive cybersecurity goals. Its work is aimed at exploiting hardware probes installed across major cities for surveillance, hunting down never-before-seen vulnerabilities in software, and building stealth malware implants to track, locate, and hack basically any person at any time in the UAE, several sources explained. As Margaritelli described it in an email to me, “Basically it’s big brother on steroids.”