lolloj - Fotolia

Italy’s Hacking Team gets hacked

Unknown hackers have posted a torrent file-sharing link to more than 400GB of Hacking Team data, including source code, internal documents and emails that could reveal the identity of customers

Hacking Team, a controversial Italian surveillance software firm that counts law enforcement and security agencies among its customers appears to have been hacked.

The hackers have reportedly posted a torrent file-sharing link to more than 400GB of data, including source code, internal documents and emails that could reveal the identity of customers.

The hackers appear to have taken over the company’s Twitter account, replacing the account biography, changing the name to “Hacked Team”, and posting a link to and images of the stolen data.

The account biography for the Milan-based company now reads: Developing ineffective, easy-to-pwn offensive technology to compromise the operations of the worldwide law enforcement and intelligence communities.

One tweet by the hackers that is written as if it were posted by Hacking Team reads: “Since we have nothing to hide, we're publishing all our e-mails, files, and source code, followed by a link.

A full nine hours after that tweet was posted, Hacking Team did not appear to have regained control of their Twitter account.

The files have not been verified by the company or any independent third party as being authentic and there is no indication of how or when the attack took place.

In 2012, Hacking Team was named as one of the "corporate enemies of the internet" by Reporters Without Borders for providing surveillance tools to oppressive nations.

Hacking Team has never identified any of its clients and has consistently denied selling to oppressive governments.

But according to some tweets, Hacking Team’s customers include South Korea, Kazakhstan, Saudi Arabia, Oman, Lebanon and Mongolia.

The documents show sales to other countries with poor human rights and civil liberties records, such as Bahrain, Sudan and Egypt.

However, a tweet by Eva Galperin, global policy analyst at the Electronic Frontier Foundation, also listed Morocco, Panama and Mexico, as well as the US, Germany and Australia.

Some of the leaked documents appear to show passwords used by both Hacking Team staff and its customers. Examples include: Passw0rd!81, Passw0rd, Passw0rd!, Pas$w0rd, and Rite1.!!

“Sadly the passwords appear to prove that even those you would hope understand the importance of good password security still make very bad choices,” said independent security consultant Graham Cluley.

“It is questionable just how many intelligence agencies would want to use the services the firm now it has been so seriously breached,” he wrote in a blog post.

The leaks come almost a year after the police department in Australian state New South Wales was exposed as a client of surveillance software FinSpy (FinFisher) in documents published by WikiLeaks.

The software can be used to spy on smartphones and PCs, enabling users to read emails and encrypted files and listen to voice over IP (VoIP) calls.

FinSpy was also sold to governments and law enforcement agencies by Gamma International, which has branches in the UK and Germany.

Read more about surveillance

Read more on Privacy and data protection

Join the conversation

2 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

This is an unending problem. We've got to acknowledge that we can't build better security. With enough time, THEY can always build a better battering ram. There's incredible financial incentive plus bragging rights. And, like Hillary, it's done because it's there.

We need to start over. We need to rethink the problem and find a totally different solution. Unfortunately, we'd better hurry or there won't be anything left to secure.
Cancel
Good points @ncberns, the thing is we're not even following our own rules. Most people know what needs to be done (i.e. passwords, patching, full disk encryption, etc.) but for whatever reason/excuse, things aren't getting done. Every new study every year (i.e. Verizon DBIR, Ponemon, etc.) shows that the "basics" are continually being ignored and/or exploited. I wrote about this problem for SearchSecurity.com over 11 years ago:
https://searchsecurity.techtarget.com/tip/Getting-back-to-basics

I outlined more details/stats around this principle in this recent blog post:
http://securityonwheels.blogspot.com/2015/02/back-to-basics-in-information-security.html

Akin to politicians and their promises for hope and change yet nothing gets done, it's merely history repeating itself or as Einstein referred to it: insanity.
Cancel

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close