Aglaya Services What DarkMatter Approaches: Commonalities of Two Covert Government Surveillance Dealers

Cyber Warfare Asia
3 min readJan 3, 2018

--

Aglaya — a small scale government surveillance supplier of Indian origin drastically rose to fame, but for all the wrong reasons. Contradictory to its nature of offerings, the firm shares commonalities with one of the top cyber security service providers — DarkMatter. Coincidently, various researches suggest that what Aglaya claims to offer DarkMatter seems to be approaching.

Reportedly, Aglaya has links to spyware software technology and offensive government surveillance services. Nevertheless, what got it all the unforeseen attention was its alleged affiliation with DarkMatter.

Headquartered in the UAE, the revelations made about DarkMatter in the recent past completely contradict its mission of “safeguarding complex organizations”. It has lately been linked to ‘servicing offensive surveillance operations of oppressive governments’.

Owing to the covertness of the matter, nothing of the sort that directly links Aglaya with DarkMatter, is available on the Internet. However, speculations have been drawn around the two, indicating at the fact that Aglaya serviced to the requirements of DarkMatter through mediators.

Aglaya Linked to DarkMatter?

1. Government Surveillance: Aglaya is an Indian-origin government surveillance supplying firm. Whereas, leaked emails of CyberPoint — a firm that DarkMatter worked with on contractual basis — suggests that it integrated with Hacking Team, a surveillance peddler, to render what looked like surveillance equipment to the UAE government.

2. Cell Phone Exploits: An Android malware and BlackBerry spyware manual have been obtained from Aglaya, linking it to the consumer malware market while existing relations with the surveillance market’s biggest service providers — mSpy. On the other hand, sources close to DarkMatter state the firm’s intentions of exploiting software and hardware flaws to; infix malware in them and seize any nearby surveillance camera or cell phone for interfere with the device, its messages or signals.

3. Stealth Malware Protocol: In 2015, Aglaya was in London attending one of the biggest arms fair, DSEI, exhibiting military service called “stealth protocol”. The company’s CEO claimed it could hack a power station control system aka SCADA devices and still remain undetected by any firewall. Meanwhile, various sources including Simon Margaritelli — an Italian security researcher that DarkMatter tried hiring — claim that the firm aims to exploit hardware probes setup across some of the major cities for surveillance and building stealth malware implants for tracking and locating any person in the UAE.

4. Zero-day Vulnerability: Ankur Srivastava has claimed in the past of possessing a trove of zero-day vulnerabilities that are either unknown to others or unmanageable. And that, this prized possession of his, can easily fetch him a deal of more than $1 million. Coincidently, DarkMatter has a history rendering technology to its customers worth hundreds of millions via international vendors, making a $1 million look petty. Moreover, the firm has, according to sources approached for recruitment, discussed about proposing projects on researching and developing exploits for zero-day vulnerability.

The striking commonalities that emerge between DarkMatter’s approaches and Aglaya’s offering are not just surprising but also raise serious concerns in the global cyber security community.

Ankur Srivastava’s presence at the DSEI arms fair and ISS World conference to discuss invasive technology weren’t a mere coincidence. It was the result of a meticulously planned strategy of approaching potential customers. Similar to preparing a 20-page brochure for “one particular customer” whom Srivastava allegedly dealt only via “reseller / agent”.

An international vendor with offensive technology, ‘randomly’ trying to fetch unimaginative deal worth millions clearly make DarkMatter the ‘potential customer’ that Aglaya has mentioned in the past.

What if Aglaya continues to work for DarkMatter but covertly this time?

--

--

Cyber Warfare Asia

Providing news related to state sponsored cyber warfare in Asia