Hacking Team hit by breach; leak suggests it sold spyware to oppressive regimes
By Zack Whittaker for Zero Day
The elusive Italian spyware and hacking tool provider — particularly for law enforcement — had its corporate insides revealed over the weekend.
Even hackers get hacked
One of the most elusive spyware and malware providers to government agencies has been hit by hackers who have turned over what appears to be most of, if not all of the company’s corporate data.
After apparently taking over its Twitter account, the administrative innards of the Milan, Italy-based Hacking Team was left open for the world to download. Throughout Sunday evening, a series of further tweets pointed to a widespread attack of the company’s systems, exposing some of its — and the world’s government’s dealings — open for public scrutiny.
Hackers, whose identities are not yet known, have posted a torrent file-sharing link of more than 400GB worth of the company’s data — including emails and financial data — for download.
The Italian company makes surveillance technology for governments and private industry, although names and companies have never been formally disclosed. The company which makes spyware and malware designed to infiltrate a number of platforms, both desktop and mobile, to assist in surveillance. Its products can turn over instant messages and text messages, phone calls, and other data, all while slipping past most antivirus products.
But exactly who gets those tools remained much of a mystery.
While it’s no secret that the US and UK have been in cahoots in massive surveillance, how firms like Hacking Team have provided technological support more oppressive regimes has remained much of a mystery. (The US Drug Enforcement Administration reportedly bought spyware products from the company as early as 2012, according to Motherboard.)
In some of the documents seen, the company has provided sales to countries with poor records on human rights and civil liberties, such as Bahrain, Saudi Arabia, Sudan, Oman, Lebanon, and Egypt.
A tweet posted Sunday by Eva Galperin, global policy analyst at the Electronic Frontier Foundation, posted a list of countries said to be customers of the Italian company. On that list, countries include Morocco, Panama, and Mexico, but also allied nations, such as Australia, Germany, and the US.
The company previously said it had not sold spyware and targeted surveillance malware to Sudan, but records leaked from the company’s systems suggest otherwise.
In one file first tweeted about, the company instructed the Sudanese government to pay €480,000 ($530,000) by wire transfer for “remote control” systems, used to access a subject’s personal information.
“Our software isn’t a weapon, so we weren’t prohibited from selling it to Sudan,” he said in a tweet, paraphrasing a document he screenshotted and published.
Hacking Team was in 2012 named as one of the “corporate enemies of the internet” by Reporters Without Borders for its role in providing tools to oppressive nations.
This isn’t a story that’s going away any time soon. We’ll have more over the coming hours, and days.
IMAGE:
About 400GB worth of data was stolen by hackers (Image: ZDNet/CBS Interactive)
Even hackers can get hacked.
For more on this story go to: http://www.zdnet.com/article/hacking-team-hit-by-breach-files-suggest-it-sold-spyware-to-oppressive-regimes/
ITEM: www.onecloudsecurity.com