Hacking of a spy cyber security firm “The Hacking Team”: Most Interesting articles
Here we provide 10 the most interesting and informative articles related to major hacking of a spy cyber security firm “The Hacking Team”.
The Italian company, Hacking Team is among a handful of companies that offer surveillance tools to law enforcement around the world. The Italian company is well-known for its controversial operations, helping governments and various intelligence agencies spy on citizens.
Hacking Team says its tools enable investigators to obtain information even if targets encrypt their communications to protect them.
5th July 2015, this Italian cyber security firm has itself become the victim of a hacking attack.
Hacking Team Remote malware used by 21 Governments
1. Hacking Team hacked: firm sold spying tools to repressive regimes, documents claim
According to the documents, 400GB of which have been published, Hacking Team has also been working with numerous repressive governments – something it has previously explicitly denied doing.
The company has repeatedly denied selling its technology to repressive regimes.
But, if genuine, the leaked documents suggest that among Hacking Team’s clients are the governments and security services of Azerbaijan, Kazakhstan, Uzbekistan, Russia, Bahrain, Saudi Arabia and the UAE.
Most notably, the documents include an invoice for €480,000, which purports to be from the Sudanese national intelligence service, dated June 2012.
2. Hacking Team Asks Customers to Stop Using Its Software After Hack
On Sunday night, an unnamed hacker, who claimed to be the same person who breached Hacking Team’s competitor FinFisher last year, hijacked its Twitter account and posted links to 400GB of internal data. With access to this data it is possible to link a certain backdoor to a specific customer.
Hacking Team notified all its customers on Monday morning with a “blast email,” requesting them to shut down all deployments of its Remote Control System software, also known as Galileo, according to multiple sources.
Read more at: http://motherboard.vice.com/read/hacking-team…
3. Days after Hacking Team breach, nobody fired, no customers lost
In recent years, Hacking Team sold its spyware—ostensibly to combat criminal activity—to various governments globally. The company has even presented to Swiss and Canadian authorities.
One of the areas where Hacking Team has been roundly criticized is for selling to Sudan, a country with a notoriously poor human rights record. The African nation is also subject to a United Nations arms embargo, asset freeze, and travel ban.
4. Hacking Team leak releases potent Flash 0day into the wild
Hacking Team documentation accompanying the Flash exploit said it targeted “the most beautiful Flash bug for the last four years,” according to a blog post published Wednesday by researchers from antivirus provider Trend Micro.
The use-after-free flaw resides in a Flash Bytearray object. Researchers at competing AV company Symantec have confirmed the existence of a Flash exploit that works against the latest version of Flash (18.0..194).
The exploits can be used to surreptitiously install Hacking Team surveillance software, or other types of malware, on vulnerable computers with little or no indication anything is amiss.
Adobe released a security bulletin about this vulnerability which is assigned CVE-2015-5119.
5. Zero-Day Exploits Leaked in Hacking Team Breach
A hacker using the online moniker “Phineas Fisher” has taken credit for the attack on Hacking Team.
A readme document found alongside proof-of-concept (PoC) code for the Flash Player zero-day describes the vulnerability as “the most beautiful Flash bug for the last four years since CVE-2010-2161.”
According to the document, the flaw affects Flash Player 9 and later on Internet Explorer, Chrome, Firefox and Safari. Trend Micro has analyzed the vulnerability and determined that it’s caused by a use-after-free (UAF) issue in the ByteArray class.
Read more at: http://www.securityweek.com/zero-day-exploits-leaked…
6. Unpatched Flash Player Flaw, More POCs Found in Hacking Team Leak
The information dump includes at least three exploits – two for Flash Player and one for the Windows kernel. One of the Flash Player vulnerabilities, CVE-2015-0349, has already been patched.
One of the Flash exploits is described by Hacking Team as “the most beautiful Flash bug for the last four years.” This Flash exploit has not yet been given the CVE number.
7. Leaked Flash zero-day likely to be exploited by attackers
Symantec has confirmed the existence of a new zero-day vulnerability in Adobe Flash Player which could allow attackers to remotely execute code on a targeted computer.
Symantec regards this vulnerability as critical since it could allow attackers to remotely run code on an affected computer, effectively allowing them to take control of it.
8. Hacking Team spyware company hacked, embarrassing emails revealed
Hacking Team has more than 40 employees and sells commercial hacking software to law enforcement in several dozen countries, including Morocco, Ethiopia, and the United Arab Emirates. A recent report from Motherboard revealed that the Hacking Team also supplies spyware tools to the Drug Enforcement Agency to implant software in a suspect’s phone and record texts, emails, passwords, and monitor conversations.
9. Hacking Team spyware company allegedly breached, 400GB of data dumped online
Hacking Team develops surveillance tools that it has maintained are legally sold to governments for law-abiding investigations. But critics contend the company’s software has been used to spy on dissidents, human rights activists and journalists.
On Sunday, it appeared that Hacking Team’s Twitter feed was taken over. The banner on the page had been changed to “Hacked Team.” Several posts contained screenshots that are purportedly of the stolen data, which included emails sent by Hacking Team’s founder and CEO, Vincent Vincenzetti.
10. The FBI Spent $775K on Hacking Team’s Spy Tools Since 2011
Hacking Team has generated a total of 697,710 Euros ($773,226.64) from the FBI since 2011, according to the hacked spreadsheets. In 2015, the FBI spent 59,855 Euros on “maintenance,” and in 2014 the agency spent the same amount on “license/upgrades.” No expenditure was recorded for the whole of 2013.
In 2012, however, the FBI allegedly spent 310,000 Euros for Hacking Team’s services, all on licenses or upgrades, and the year before it spent 268,000 Euros.
Read more at: http://www.wired.com/2015/07/fbi-spent-775k…