How Hacking Team got hacked

A black hat claims responsibility for the hack. Here’s how he says he did it.

On Friday, the self-described black hat hacker who claimed responsibility for the Hacking Team dump last year, and who goes by the handle "Phineas Phisher," published the technical details of how he pulled off the caper—and encouraged others to follow his example.

The apparently bilingual hacker originally published the details in Spanish—"just having some fun trolling the English speaking internet," he posted on Reddit—but subsequently translated the document into English.

Private intelligence contractor Hacking Team develops and sells hacking tools to governments around the world, a practice many have questioned as enabling human rights violations.

Advanced spyware for Android now available to script kiddies everywhere

Hacking Team code is the most professionally developed Android malware ever exposed.

One of the more recent discoveries resulting from the breach two weeks ago of malware-as-a-service provider Hacking Team is sure to interest Android enthusiasts. To wit, it's the source code to a fully featured malware suite that was able to infect devices even when they were running newer versions of the Google-developed mobile operating system.

The leak of the code base for RCSAndroid—short for Remote Control System Android—is a mixed blessing. On the one hand, it provides the blueprints to a sophisticated, real-world surveillance program that can help Google and others better defend the Android platform against malware attacks. On the other, it provides even unskilled hackers with all the raw materials they need to deploy what's arguably one of the world's more advanced Android surveillance suites.

"The RCSAndroid code can be considered one of the most professionally developed and sophisticated Android malware [titles] ever exposed," researchers from security firm McAfee wrote in a recently published blog post. "The leak of its code provides cybercriminals with a new weaponized resource for enhancing their surveillance operations."

Hacking Team may not have had a backdoor, but it could kill client installs

Spyware vendor is also sad that no one in the media sees it as the real victim.

In a rare press release issued Wednesday morning, Hacking Team, the embattled Italian surveillance software vendor, reiterated that it did not and does not have a "backdoor" into its clients’ installations of the Remote Control System, or RCS. But new analysis of its leaked source code seems to directly contradict this claim.

Hacking Team said:

There have been reports that our software contained some sort of "backdoor" that permitted Hacking Team insight into the operations of our clients or the ability to disable their software. This is not true. No such backdoors were ever present, and clients have been permitted to examine the source code to reassure themselves of this fact.

According to new research by Joseph Greenwood, a UK-based researcher with 4Armed who has been examining the leaked RCS source code in detail, this is a distinction without a difference.

Researcher takes umbrage after finding his code in Hacking Team malware

Tool for capturing audio from Android devices folded into spyware sold to governments.

A security researcher has taken umbrage at Italian malware developer Hacking Team after discovering that his open source exploit tools were included in Android surveillance software sold to governments around the world.

Collin Mulliner, well-known in security circles for exposing vulnerabilities in mobile devices, published a blog post Tuesday that attempts to set the record straight. To wit: his tools—which among other things surreptitiously capture conversations and other sounds within earshot of infected Android phones—were used without permission or notice by Hacking Team. He learned about the use only after the breach of Hacking Team computers, which resulted in a 400-gigabyte leak of confidential company documents, including these e-mails showing company engineers discussing Mulliner's tools.

In Tuesday's post, Mulliner wrote:
