"We believe that fighting crime should be easy: we provide effective, easy-to-use offensive technology to the worldwide law enforcement and intelligence communities. Like what you see here? If you are from law enforcement, subscribe to our mailing list.
Desperate for sensational stories, some publications routinely ignore two plain facts: Criminals and terrorists today routinely use Internet secrecy and end-to-end encryption to rob, kill... Americans are considering the tricky balance between privacy and security. What is not needed now is hyperbole, hysteria and a lot of red herrings...The U.S. Director of National Intelligence is out with the 2016 “Worldwide Threat Assessment.” This is an every-February report to the public..."
Hacking Team is a Milan-based business offering "offensive" capabilities for law enforcement agencies. Its products are in use in dozens of countries across six continents, where it sells offensive intrusion and surveillance capabilities to governments, law enforcement agencies and corporations. HackingTeam employs around 40 people in its Italian office, and also has subsidiary branches in Annapolis, Washington, D.C. and Singapore. The Italian government has restricted their license to do business with countries outside Europe.
The company defines itself in these terms: "Here in Hacking Team we believe that fighting crime should be easy: we provide effective, easy-to-use offensive technology to the worldwide law enforcement and intelligence communities. Technology must empower, not hinder." The company has been criticized for providing these capabilities to governments with poor human rights records, though HackingTeam states that they have the ability to disable their software if it is used unethically.
Hacking Team’s "DaVinci" Remote Control System is able to break encryption and allow law enforcement agencies to decipher and monitor encrypted files and emails (even ones encrypted with PGP), Skype and other Voice over IP or chat communication of internet users of the target’s location and relationships. It can also remotely activate microphones and cameras on a computer and works worldwide. To monitor hundreds of thousands of computers at once, all over the country. Trojans are available for Windows, Mac, Linux, iOS, Android, Symbian and Blackberry.
Founded: 2003
Founders: David Vincenzetti, Valeriano Bedeschi
Headquarters: Milan, Italy
Key people: Alberto Ornaghi (ALoR), Marco Valleri (NaGA)
Products: (stealing passwords & personal data in an illegal way, hacking illegally and selling to terrorists and corrupt government leaders) "Software"
July 6, 2015: A Hacker Is Hacked - (lol) Controversial Italian Cyber Espionage Company Is Targeted
A controversial cyber espionage company called Hacking Team is reeling this morning after hackers gave it a taste of its own medicine by breaking into its systems, downloading hundreds of gigabytes of data and throwing it all on the open Internet. Hacking Team has not said whether the leaked documents are legitimate, but NPR verified that at least some of the hacked personal passwords do check out.
Without a doubt, a hack of this kind would be terribly problematic for a company that secretly sells spyware to governments — including, if the documents prove authentic, repressive ones — around the world.
Here's how one Twitter user put the news into context: Hacking Team has been controversial for years. Reporters Without Borders, for example, lists the company as an enemy of the Internet. Over the years, Citizen Lab, a lab that studies surveillance at the Munk School of Global Affairs at the University of Toronto, says that it has found Hacking Team's spyware in 21 countries, including Sudan, Egypt, Ethiopia, Turkey and Malaysia.
On two occasions, the Lab has written open letters to Hacking Team urging them to stop use of their software to quash human rights in repressive countries. Hacking Team has always maintained that it complies with the Wassenaar Arrangement, which is intended to limit the kind of dual-use technology that can be sold to certain regimes.
CSO Online, which covers cybersecurity issues, reports that one of the leaked documents — purportedly an invoice for services to Sudan — is especially telling:
"The link to Sudan is especially newsworthy as the company previously stated they've never done business with the nation. There is a UN arms embargo on the Sudan, which is covered by EU and UK law. If they were doing business with the Sudanese government, Hacking Team could be in hot water. In 2014, a Citizen Lab report revealed evidence that Hacking Team's RCS (Remote Control System) was being used by the Sudanese government, something the Italian company flat-out denied. However, on Sunday a contract with Sudan, valued at 480,000 Euro, and dated July 2, 2012, was published as part of the 400GB cache. In addition, a maintenance list named Sudan as a customer, but one that was 'not officially supported.' Interestingly, Russia has the same designation."
Christopher Soghoian, a privacy activist with the ACLU, tells NPR's Elise Hu that this trove of documents is a "smoking gun" that shows that "Hacking Team has in fact sold its technology to a number of governments with truly atrocious human rights records." He added: "What this shows us is that surveillance software, advanced surveillance capabilities, are now available to the largest and smallest governments in the world. We really need to have a bigger conversation about whether these tools should be used in democracies."
Elise called Hacking Team's office in Italy, but the person who answered the phone directed any questions to an email address. One of Hacking Team's employees apparently tweeted about the incident. Before the account was deleted, Christian Pozzi, a senior security engineer at the company, said they were working with police to catch the hackers. "A lot of what the attackers are claiming regarding our company is not true," the tweets read. "Please stop spreading false lies about the services we offer." No one, yet, has taken responsibility for the hacking.
U.S. Sales
Back in April, Vice's Motherboard blog reported that the Drug Enforcement Agency had been secretly buying surveillance software from Hacking Team. If these leaked documents are legitimate, they would prove Vice's story correct. Two spreadsheets included in the trove of data show that Hacking Team has sold hundreds of thousands of dollars worth of software to the DEA, the FBI and the Department of Defense.
One of the spreadsheets shows that $473,000 worth of software was delivered to the DEA through a company called CICOM USA. As Motherboard reported, federal records show that CICOM USA, a communications company headquartered in Maryland, has been given many contracts throughout the years. In 2012, for example, records show that CICOM received a DEA contract worth $575,000 for "other communications equipment manufacturing." According to Motherboard, the DEA was purchasing software known as Remote Control System, which is "capable of intercepting phone calls, texts, and social media messages, and can surreptitiously turn on a user's webcam and microphone as well as collect passwords."
They reported: Surveillance tech experts say the DEA's relation with Hacking Team is further proof that methods and tools once only reserved for the military, intelligence agencies and even cybercriminals—such as drones and StingRays—are becoming commonplace in law enforcement as well. 'Hacking software is yet another example of a technology created for the intelligence community that has secretly trickled down to law enforcement,' Christopher Soghoian, the principal technologist at the American Civil Liberties Union and an expert of surveillance technology, told Motherboard. And given how powerful this spyware can be, Soghoian added, "...we need a public debate over this invasive surveillance technology."
Saudi Arabia came close to buying Hacking Team (September 25)
US ambassador was involved in deal to buy hacked spyware vendor
The Saudi Arabian government came close to buying control of Italian surveillance software company Hacking Team, notorious for selling its product to undemocratic regimes, according to hacked emails posted by WikiLeaks. The negotiations were handled by Wafic Said, a Syrian-born businessman based in the U.K. who is a close friend of the Saudi royal family, and also involved Ronald Spogli, a former U.S. ambassador to Italy, who had an indirect investment in Hacking Team.
The deal collapsed in early 2014 after the removal of Prince Bandar bin Sultan as head of the Saudi intelligence service. The former Saudi ambassador to Washington had backed the purchase but it was not supported by his successor. Saudi Arabia has long had a reputation as a human rights violator and this week it emerged that a Saudi court had confirmed a death sentence on a young man convicted of participating in antigovernment protests inspired by the Arab Spring. Ali al-Nimr has been sentenced to be beheaded and then crucified for crimes he allegedly committed at the age of 17.
Eric Rabe, a spokesman for Hacking Team, said the talks had never been close to completion. Countries such as Saudi Arabia were allies of the West and it was important that they should receive instruments that enabled them to combat crime and terrorism, he said in a telephone interview. "If our technology is sold to a repressive regime it does not automatically mean it will be used to terrorize dissidents and repress democracy," Rabe said.
In late 2013 the negotiations to sell control of Hacking Team to Said's investment company Safinvest appeared to be progressing. On December 4 the billionaire philanthropist, who donated the prestigious Said Business School to Oxford University, wrote to Hacking Team CEO David Vincenzetti to assure him he was 100 percent committed to the project. "You must have faith and trust me. We are serious and do not want to waste time or money," Said wrote in one of more than a million company emails posted online following a disastrous security breach at Hacking Team in early July.
On Feb. 10, 2014, a senior manager at Safinvest, Charles Stauffer, wrote to Vincenzetti to spell out some of the details of the transaction. Ironically, the Saudi-owned company was to be called Halo -- the circular symbol used to denote a saint in Christian art -- and the price was set at 37 million euros (US $42 million). "Joint Venture company would be formed in the country and this will contract with The Client to execute the new project," Stauffer wrote. The email discussed the training of local staff and office space requirements.
Another email, sent by Vincenzetti to a business adviser on January 14, indicated that Hacking Team did not intend to allow its activities to be cramped by international agreements restricting the export of dual-use technologies to repressive or belligerent regimes. "The newco should be away from countries adhering to the new, forthcoming export regulations on ‘offensive technologies’ which will [be] dictated by the recent Wassenaar Arrangement," Vincenzetti wrote. "We would like the newco to be in a country which will not impair the export of our technology."
Vincenzetti helpfully included a link to a list of countries participating in the Wassenaar Arrangement, which aims to encourage responsibility in the transfer of conventional arms and dual-use technologies, so that those countries could be avoided. On April 14 Vincenzetti sent colleagues a newspaper article on Prince Bandar’s ouster as head of Saudi intelligence, saying it provided "further clarification as to why things didn’t move forward with W. [Wafic]."
"Hacking Team had a long legal battle to get permission to export its products to problematic countries. It's paradoxical that it couldn’t sell its software to Saudi Arabia but it could sell them the entire company," said Marco Lillo, the Italian journalist who first reported on the existence of the Saudi-related emails for the newspaper Il Fatto Quotidiano last month.
Despite Vincenzetti's close links to the Italian secret services -- he sold his company's Remote Control System to the foreign intelligence service AISE -- and the fact that a company owned by the Lombardy regional government had a 26 percent stake in Hacking Team, there is no evidence that the national government took any steps to prevent the sale. A spokesman for the Prime Minister's office said by SMS that he had no information on the subject.
It is probable that the U.S. government would have been made aware of the pending sale by Spogli. A venture capitalist and member of the board of trustees of Stanford University, the former ambassador owned a 10 percent stake in an investment company, Innogest, which controlled 26 percent of Hacking Team. Spogli had only a minimal involvement in the Saudi negotiations, an Innogest official said by phone. He declined to comment further. Neither Said nor Spogli responded to requests for comment.
As well as being used to track Sunni fundamentalist terrorists, Hacking Team's technology was very likely deployed against Saudi Arabia's internal Shia opposition to the regime, said Liisa Liimatainen, a Finnish journalist and author of a book on the battle for female emancipation in the Gulf kingdom. "There are a lot of bloggers and very lively debates on Twitter, but it's a medieval state," Liimatainen said in a telephone interview. "They monitor Internet and use terrorism laws against civil society. Facebook activity and corresponding with a foreigner can be considered crimes in themselves," she said.
Hacking Team’s Rabe said he had no information on who was responsible for the disastrous hack that spilled 400GB of the company's internal data onto the Web. "It was a sophisticated attack and we don't believe its success was down to poor passwords," he said. Rabe said he didn't think the hack was the work of corporate rivals, as competitors were unlikely to post the results online. "It was people who were trying to destroy our company. Our clients have been extraordinarily loyal and patient," he said. Around 40 software engineers spent the summer working around potential countermeasures resulting from the hack, Rabe said. "In fairly short order we’ll have people back using the system."
4 Lasting Impacts Of The Hacking Team Leaks
Doxing attack against Italian surveillance company put some nasty tools in the hands of attackers and might be the final nail in the coffin for Adobe Flash. It's a sprint between criminals and security researchers to see who can find vulnerabilities and attack tools hidden in the leaked Hacking Team files fastest. Adobe and Microsoft are scrambling to keep up, but these are just some of the immediate concerns. So what will the long-term impacts be of the doxing attack on the Italian surveillance company?
1. The Death of Flash?
Tuesday, Adobe was forced to patch two more critical zero-day vulnerabilities discovered in the leaked Hacking Team files, CVE-2015-5122 and CVE-2015-5123. Both (like CVE-2015-5119 last week) are use-after-free vulnerabilities that allow for remote code execution. The 5122 bug was being exploited in the Angler exploit kit within a matter of hours, according to security researcher Kafeine, and has since shown up in the Neutrino, RIG, and Magnitude exploit kits.
Adobe Flash has been riddled with critical vulnerabilities in the past year, causing some to say it's time for Flash to retire. However, the Flash vulnerabilities revealed in the Hacking Team breach have pushed from commentary to action.
Mozilla on Monday began preventing Flash from running by default in Firefox. Then on Tuesday, Mozilla temporarily blocked Flash altogether while waiting for Adobe to release patches for the latest vulnerabilities to come out of the leaked Hacking Team files.
US-CERT today updated an advisory (originally released Tuesday) about these vulnerabilities. Not only does the advisory say to prioritize security updates for the affected software, it also says to "limit Flash content" and that "updating is not sufficient, and it is important to use exploit mitigation and other defensive techniques."
And on Sunday, Facebook's security chief Alex Stamos tweeted: "It is time for Adobe to announce the end-of-life date for Flash and to ask the browsers to set killbits on the same day."
2. More Sophisticated Tools In Hands Of More Attackers
The CVE-2015-5119 Flash vulnerability was used by the APT3 (a.k.a. UPS) advanced persistent threat actor in a targeted attack against the US government last week, according to Palo Alto Networks.
It isn't just the vulnerabilities that are the problem, though; it's the surveillance software Hacking Team sold to its customers -- which is, as Adam McNeil of Malwarebytes wrote, "basically nothing more than a Remote Access Trojan," like Zeus or AlienSpy.
The source code for Hacking Team's flagship product, Remote Control System (RCS), was leaked in the attack, and Malwarebytes researchers took a closer look at it. "RCS is feature-rich with surveillance capabilities and can collect or monitor most components on a personal computer or cell phone," wrote McNeil. "The software has the ability to exploit systems, execute code, destroy files, and monitor an array of peripherals, applications, and communications."
Meanwhile, Hacking Team CEO David Vincenzetti told reporters today that "Only a part of the source code has been stolen," softening his initial, much more dire account of the attack.
RCS works on Windows, OSX, Linux, Android, Blackberry, iOS, Symbian, and Windows Phones and comes with all the typical RAT tools, like keyloggers and screenshot grabbers. It also uses anti-analysis methods. And according to McNeil, its management software is hidden behind a chain of anonymizers.
The cloaking and persistence mechanisms are impressive. According to Trend Micro Labs, RCS comes equipped with a UEFI BIOS rootkit -- and even reformatting the infected machine or replacing the disk wouldn't remove the infection.
Further, according to Malwarebytes, Hacking Team claimed that the exploit portal would always contain at least three zero-days at any time.
On the black market, any of these tools would come at a very high price and require a base level of technical knowledge to operate (except, perhaps, for the Blackshades RAT, which was ultimately undone by its own user-friendliness). However, the Hacking Team breach has not only brought the masses this tradecraft for free, it also provided extensive documentation and how-to manuals to make it easier for their customers to use the tools Hacking Team sold.
3. Secret Bitcoin Transactions Not So Secret
In the RCS 9.2 upgrade, Hacking Team added its "Money Module," which could track cryptocurrencies like Bitcoin, and according to leaked emails "is able to collect various information: list of contacts and local accounts, wallet (i.e., the money) and the history of transactions." Money Module has been available since January 2014.
4. Greater Concern About Government Interference With Privacy Controls
Numbered among Hacking Team's customers was the FBI. Today, it was revealed that the Bureau had enlisted the Italian company's aid in uncovering the true identity of a user of the TOR anonymization service.
Not only has the breach shown that the government is using a tool being equated to a malicious RAT, but that governments of countries with histories of significant human rights abuses -- including Egypt, Sudan, Russia, and Ethiopia -- have been sold the very same tools.