Security World ROFLs At Hacking Team Being Hacked

[RichCor]

Time for some of us to get the popcorn out. This event should make for an interesting and amusing show.

Hacking Team breach: A 400GB corporate data dump and online mockery

The wholesale sacking of the spyware firm's systems was bad enough before employees underwent a public meltdown.

ZNET | By Charlie Osborne for Zero Day | July 6, 2015

Over the weekend, the secretive Hacking Team security firm was the victim of a cyberattack which ripped the company's corporate secrets apart and exposed the malware provider's email communications to the eyes of the Internet.

Milan, Italy-based Hacking Team is known for the creation of surveillance solutions for government agencies. Predictably, considering the client base, Hacking Team's dealings have rarely been formerly disclosed, leaving the security industry to wonder who customers are and what spy tools are floating around cyberspace -- and for what purposes.

Over the weekend, hackers who remain unnamed posted a.torrent file linking to over 400GB of company data belonging to Hacking Team. The file, which contains emails, client lists, revenue reports, client history and marketing materials -- just to name some of the most interesting aspects -- appears to show Hacking Team has a healthy client list worldwide.

According to the data -- which has not been independently verified at the time of writing -- Hacking Team counts customers in countries including Italy, the US, Spain, Singapore, Malaysia, Saudi Arabia, Mexico, Luxembourg, Egypt, Oman, Panama, Turkey, the UAE, Nigeria, Ethiopia, Poland, Thailand, Denmark and Israel, among others.

[innerspace]

Yep interesting read.... good to see our protectors are in on the action. Large number of emails exchanged according to the screenshots.

[RichCor]

I want to hear about what "Intellectual Property" (hacking tools and methods) they uncovered and took from the spy firm.

I've always been fascinated in how these tools are used, how they're deployed. But I really hope they bring them out into the light for all to see.

[innerspace]

Download the torrent and have a look (although it is huge! Torrent file alone is 20+ MB!)

[RichCor]

For anyone interested, here's a 2014 article on the spyware company in question, which includes some details on how they plant and use some of their Remote Control System spyware.

Mapping Hacking Team’s “Untraceable” Spyware

CitizenLab.org | February 17, 2014

Introduction

Background: Hacking Team and Remote Control System (RCS)

Hacking Team, also known as HT S.r.l., is a Milan-based company that describes itself as the “first to propose an offensive solution for cyber investigations.”6 Their flagship Remote Control System (RCS) product, billed “the hacking suite for governmental interception,” is a suite of remote monitoring implants (i.e., spyware) sold exclusively to government agencies worldwide.

Hacking Team distinguishes RCS from traditional surveillance solutions (e.g., wiretapping) by emphasizing that RCS can capture data that is stored on a target’s computer, even if the target never sends the information over the Internet. RCS also enables government surveillance of a target’s encrypted internet communications, even when the target is connected to a network that the government cannot wiretap. RCS’s capabilities include the ability to copy files from a computer’s hard disk, record skype calls, e-mails, instant messages, and passwords typed into a web browser. Furthermore, RCS can turn on a device’s webcam and microphone to spy on the target.

While Hacking Team claims to potential clients that RCS can be used for mass surveillance of “hundreds of thousands of targets,” public statements by Hacking Team emphasize RCS’s potential use as a targeted tool for fighting crime and terrorism.

Target Exploitation

How do governments install Hacking Team’s RCS spyware on a target’s computer? This section briefly outlines one method: the use of exploits, which takes advantage of bugs in computer software.

[bamnutsak]

The Royal Thai Army and the Royal Thai Police are both customers. The Bangkok Post has an article today with details.

Or you can search and read the emails...

https://wikileaks.org/hackingteam/emails?q=thailand&mfrom=&mto=&title=&notitle=&date=&nofrom=&noto=&count=50&sort=0#searchresult

Evidently there is an Excel file from HT's financial controller which lists "...the Royal Thai Police as purchasing products worth €286,482 (more than 10 million baht) in 2013, while the Royal Thai Army spent €360,000 in 2014."